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(54) Method and system for processing Information on encryption basis 



(57) A data processing apparatus genefates-aoan- 
.dom number key, and generates a.f irst intermediate key 
in response to-the-rarKtom-ntjntoer-key* The data 
processing apparatus memorizes. tbe.f irst intermediate 
key inxonr^ecfnn-wthamder^^^ A rombinatjon of the 
identifier and the random number keyjs transmitted 
from the data processing apparatus, to a reproducing 
device. The reprgo^jang_device generates a second 
irtem^iate key, in response to the random number-key.- 
A combination of the identifier and the second interme- 
cfiate key^is^transmHted from the reproducing device to 
the data processing apparatus. The data processing 
apparatus retrieves-the~first irterrnediate*.key' in 
response to the kJentifierj transmitted from the reproduc- 
ing ..device. The data processing apparatus decides 



whether or not the retrieved first intermediate key and 
the second intermediate key are equal to each other. 
The data processing apparatus and. the reproducing 
device are disconnected Jrom each other when the data 
processing apparatus decides. that the retrieved first 
intermediate key and the second intermediate key are 
not equal to each other. The data processing apparatus 
QpnftratPfi aiiESt tnm key in r^yormft to trM^ff^tnt^ TTft- 
diate-key. The reproducing device generates a second 
bus.key.in .response-to.the. secorxi. intermediate . key. 
Encryption and decryption of digital information trans- 
mitted between the reproducing device and the data 
processing apparatus are implemented in response to 
the first and second bus keys. 
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Description 

BACKGROUND OF THE INVENTION 

Field of the Invention s 

[0001] This invention relates to a method of process- 
ing iriformation on an encryption basis. This invention 
also relates to a system for processing information on 
an encryption basis. 10 

Description of the Related Art 

[0002] There are recording mediums for storing digital 
information which are called digital storage media is 
(DSM). Examples of the digital storage media are a CD 
(a compact disc) and a DVD (a digital versatile disc). 
[0003] A conceivable DVD stores encrypted or scram- 
bled digital iriformation pieces representing different 
video titles (that is. video contents of different types) so 
respectively. A DVD player or a DVD drive reproduces 
the encrypted digital information pieces from the con- 
ceivable DVD. ft is desirable that the reproduced digital 
information p ieces are, rereriC TYpted pefore beir>g trarts- 
mitted to an autriCTCeddata^xocebsiiig ap pa ratus such 2s 
as an authorized pers onal corn putec...tn this case, the 
authorized data processing apparatus is permitted to 
decrypt received infor ma tion pieces and then use the 
decryption-resultant information pieces. It is desirable 
that the re-encryptions^of the reproduced information 30 
pieces are independe nt of each otherrand have differ- 
ent re-encryption keys respectively. 

SUMMARY OF THE INVENTION 

35 

[0004] It is a first object of this invention to provide an 
i » |xoved method of processing information on an 
encryption basis. 

[0005] It is a second object of this invention to provide 
an improved system for processing information on an 40 
encryption basis, 

[0006] A first aspect of this invention provides a 
method of processing information. The method com- 
prises the steps of 1) enabling a data processing appa- 
ratus to generate a random number key; 2) enabling the 45 
data processing apparatus to generate a first intennedi- 
ate key in response to the random number key; 3) ena- 
bling the data processing apparatus to memorize the 
first intermediate key in connectionjwrth'ajvid^UJiei:; 4) 
tiartsmrtting a combination of the identifier and the ran- so 
dom number key from the data processing apparatus to 
a reproducing device; 5) enabling the reproducing 
device to generate a second intermediate key in 
response to the random number key; 6) transmitting a 
combination of the identifier and the second inter medi- 55 
ate key from the reproducing device to the data 
processing apparatus; 7) enabling the data processing 
apparatus to retrieve the first intermediate key in 



response to the identifier transmitted from the reproduc- 
ing device; 8) enabling the data processing apparatus to 
decide whether or not the retrieved first intermediate 
key and the second intermediate key are equal to each 
other; 9) tfsoormecting the data processing apparatus 
and the reproducing device from each other when the 
data processing apparatus decides that the retrieved 
first intermediate key and the second intermediate key 
are not equal to each other; 10) enabling the data 
processing apparatus to generate a first bus key in 
response to the first intermediate key; 1 1) enabling the 
data processing apparatus to memorize the first bus key 
in connection with the identifier; 12) enabling the repro- 
ducing device to generate a second bus key in response 
to the second intermediate key; 13) enabling the repro- 
ducing device to memorize the second bus key in.conr.. 
nection with the identifier; 14) transmitting a 
combination of the identif ier and an irtformation request- 
ing command from the data processing apparatus to the 
reproducing device after the data processing apparatus 
decides that the retrieved first intermediate key and the 
second intermediate key are equal to each other; 15) 
enabling the reproducing device to reproduce digital 
information from a recording medium; 16) enabling the 
reproducing device to retrieve the second bus key in 
response to the identifier transmitted from the data 
processing apparatus; 17) enabling the reproducing 
device to encrypt the reproduced digital information into 
encrypted digital information in accordance with the 
retrieved second bus key; 18) transmitting a combina- 
tion of the identifier and the encrypted digital irrforrna- 
tion from the reproducing device to the data processing 
apparatus in response to the iriformation requesting 
command; 19) enabling the data processing apparatus 
to retrieve the first bus key in response to the identifier 
transmitted from the reproducing device; and 20) ena- 
bling the data processing apparatus to decrypt the 
encrypted data in accordance with the retrieved first bus 
key. 

[Q007] A second aspect of this invention provides a 
method of processing information. The method com- 
prises the steps of 1) enabling a reproducing device to 
generate a random number key; 2) enabling the repro- 
ducing device to generate a first intermediate key in 
response to the random number key; 3) enabling the 
reproducing device to memorize the first intermediate 
key in_coroectic^wrrh-arHder^ 4) transmitting a 
combination of the identifier and the random number 
key from the reproducing device to a data processing 
apparatus; 5) enabling the data processing apparatus to 
generate a second intermediate key in response to the 
random number key; 6) transmitting a combination of 
the identifier and the second intermediate key from the 
data processing apparatus to the reproducing device; 7) 
enabling the reproducing device to retrieve the first 
intermediate key in response to the identifier transmit- 
ted from the data processing apparatus; 8) enabling the 
reproducing device to decide whether or not the 
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retrieved first intermediate key and the second interme- 
diate key are equal to each other; 9) tfeconnecting the 
reproducing device and the data processing apparatus 
from each other when the reproducing device decides 
that the retrieved first intermediate key and the second 
intermediate key are not equal to each other; 10) ena- 

. bl'mg the reproducing device to generate a first bus key 
in response to the first intermediate key; 11) enabling 
the reproducing device to memorize the first bus key in 
connection with the identifier; 12) enabling the data 
processing apparatus to generate a second bus key in 
response to the second intermediate key; 13) enabling 
the data processing apparatus to memorize the second 
bus key in connection with the identifier; 14) trarisrnitting 
a cornbination of the identifier and an information 

. requesting command from the data processing appara-L 
tus to the reproducing device after the reproducing 
device decides mat the retrieved first intermediate key 
and the second intermecBate key are equal to each 
other; 15) enabling the reproducing device to reproduce 
digital information from a recording rnerJum; 16) ena- 
bling the reproducing device to retrieve the first bus key 
in response to the identifier transmitted from the data 
processing apparatus; 17) enabling the reproducing 
device to encrypt the reproduced digital information into 
encrypted digital intonnation in accordance with the 
retrieved first bus key; 18)transmfttingacontoinationof 
the identifier and the encrypted digital information from 
the reproducing device to the data processing appara- 
tus in response to the information requesting command; 
19) enabling the data processing apparatus to retrieve 
the second bus key in response to the identifier trans- 
mitted from the reproducing device; and 20) enabling 
the data processing apparatus to decrypt the encrypted 
ctetam^ecordance with the retrieved second bus key. 
[00081/' A third aspect of this invention provides a 

.jnethod of processing information. The method com- 
prises the steps of 1) transrnHfing^anJdent3ie&request=. 
ing command from a data -processing apparatus "to a- 
reproducing a^viceT 2) 3 enabling the reproducing device 
to^electorreiderrtfierfro^ 
tfiere in response to the idenffi 
3) transmitting mexeJectedic^rrtJfter'frc^^ 
ing device to the data processing aprjaratusr 4) enabling 
the data processing apjaialus4o-generate-a4ff6Man- 
domjRart >eriB¥;^enafalro 
ratus to generate^^first intenTiediate.key.in resporee to 
the first random number key; 6) enabling the data 
processing apparatusjtojnemorize the first intermediate^ 
,key-iacor¥»eciionwimttie^ele^ 
fromtheTeprc<focingtdevicev7) transmitting a combina- 
tion of the sefecteoVidenffieuaiid^th^ 
number key from the data processing apparatus to the 
reproducing device; 8) enabling the reproducing device 
to generate a second intermediate .key in response.to 
the first random number key; 9) transmitting a combina- 
tion of the selected identifier and the second intermedi- 
ate key from the reproducing device to the data 



processing apparatus; 10) enabling the data processing 
apparatus to retrieve the first intermediate key in 
response to the selected identifier transmitted from the 
reproducing device; 11) enabling the data processing 

5 apparatus to decide whether or not the retrieved first 
intermediate key and the second intermediate key are 
equal to each other; 12) disconnecting the data 
processing apparatus and the reproducing device from 
each other when the data processing apparatus 

w decides that the retrieved first intermediate key and the 
second intermediate key are not equal to each other; 
13) enabling the reproducing device to generate a sec- 
ond random number key after the data processing 
apparatus decides that .the. retrieved ^ intermediate 

is key and the second intermediate key are equal to each 

— .other; 14) enabling the reproducing device' to generate 
a third intermediate kBy-in^esponse to the secoric^ 
ctom,riiOTtoer.key>15)-e 

to memorize the third intermediate key in connection 

20 with the selected identifier; 1 6) irarisfnfS^^ccmbina- 
tfon of the selected'identifier'and'the-secood. random 
number-key*from 'the-repioducing- device-to-the*data 
processing apparatus; 1 7) enabling the data processing 
apparatus to generate. a kxirm intermediate ^key^in 

25 response,to.me,secc«liBndom,nu^ 

mitting a combination of the selected identifier and the 
fourth intermediate key from the data processing appa- 
ratus to the reproducing device; 19) enabling the repro- 
ducing device to retrieve the third intermediate key in 

$o response to the selected identifier transmitted from the 
data processing apparatus; 20) enabling the reproduc- 
ing device to decide whether or not the retrieved third 
intermediate key and the fourth intermediate key are 
equal to each other; 21) disconnecting the reproducing 

35 device and the data processing apparatus from each 
other when the reproducing device decides that the 
retrieved third intermediate key and the fourth inter me- 
cSate key are not equal to each other; 22) enabling the 
reproducing _devk re_to_ nenerate_ajirstjxrs - key -in 

40 resrx>r^totnasecoiTd aj^ 

enabling the reproducing device to memorize the first 
bus key in connection withfte.seiected.iderrtitier; 24) 
enabling the data processing apparatus to generate a 
second bus key.to response to the first and fourth inter- 

45 n^c^te^ke^, ^enabling the data processing appara- 
tus to memorize the second bus key in connection with 
the identifie r; 26) transmitting a coinbination of the 
selected identifier and an information requesting com- 
mand from the data processing apparatus to the repro- 

so during device after the reproducing device decides that 
the retrieved third intermediate key and the fourth inter- 
mediate key are equal to each other; 27) enabling the 
reproducing device to reproduce digital information from 
a recording medium; 28) enabling the reproducing 

55 device to retrieve the first bus key in response to the 
selected identifier transmitted from the data processing 
apparatus; 29) enabfing the reproducing device to 
encrypt the reproduced digital information into 
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encrypted digital information in accordance with the 
retrieved first bus key; 30) transmitting a cornbinabon of 
the identifier and the encrypted digital irtformation from 
the reproducing device to the data processing appara- 
tus in response to the information requesting command; 
31) enabling the data processing apparatus to retrieve 
the second bus key in response to the identifier trans- 
mitted from the reproducing device: and 32) enabling 
the data processing apparatus to decrypt the encrypted 
data in accordance with the retrieved second bus key. 
[0009] A fourth aspect of this invention provides a sys- 
tem for processing information. The system comprises 
a reproducing device; a data processing apparatus; first 
means provided in the data processing apparatus for 
generating a random number key; second means pro- 
vided in the data processing apparatus for generating a 
first intermediate key in response to the random number 
key; third means provided in the data processing appa- 
ratus for memorizing the first intermediate key in con- 
nection with an identifier; fourth means for transmitting a 
combination of the identifier and the random number 
key from the data processing apparatus to the reproduc- 
ing device; fifth means provided in the reproducing 
device for generate a second intermediate key in 
response to the random number key; sixth means for 
transmitting a combination of the identifier and the sec- 
ond intermediate key from the reproducing device to the 
data processing apparatus; seventh means provided in 
the data processing apparatus for retrieving the first 
intermediate key in response to the identffier transmit- 
ted from the reproducing device; eighth means provided 
in the data processing apparatus for deciding whether 
or not the retrieved first intermediate key and the sec- 
ond intermediate key are equal to each other; ninth 
means for disconnecting the data processing apparatus 
and the reproducing device from each other when the 
eighth means decides that the retrieved first intermedi- 
ate key and the second intermediate key are not equal 
to each other; tenth means provided in the data 
processing apparatus for generating a first bus key in 
response to the first intermediate key; eleventh means 
provided in the data processing apparatus tor memoriz- 
ing the first bus key in connection with the identifier; 
twelfth means provided in the reproducing device tor 
generating a second bus key in response to the second 
intermediate key; thaleerrth means provided in the 
reproducing device for memorizing the second bus key 
in connection with the identffier; fourteenth means for 
transmitting a combination of the identifier and an infor- 
mation requesting command from the data processing 
apparatus to the reproducing device after the eight 
means decides that the retrieved first intermediate key 
and the second intermediate key are equal to each 
other; fifteenth means provided in the reproducing 
device for reproducing digital information from a record- 
ing medium; sixteenth means provided in the reproduc- 
ing device for retrieving the second bus key in response 
to the identifier transmitted from the data processing 



apparatus; seventeenth means provided in the repro- 
ducing device for encrypting the reproduced digital 
information into encrypted digital information in accord- 
ance with the retrieved second bus key; eighteenth 

5 means for transmitting a corrrxnation of the identifier 
and the encrypted digital irtformation from the reproduc- 
ing device to the data processing apparatus in response 
to the irrformation requesting command; nineteenth 
means provided in the data processing apparatus for 

w retrieving the first bus key in response to the identifier 
transmitted from the reproducing device; and twentieth 
means provided in the data processing apparatus for 
decrypting the encrypted data in accordance with the 
retrieved first bus key. 

is [0010] A fifth aspect of this invention provides a sys- 
tem for processing information. - The system .comprises-.- 
a reproducing device; a data processing apparatus; first 
means provided in the reproducing device for generat- 
ing a random number key; second means provided in 

20 the reproducing device for generating a first intermedi- 
ate key in response to the random number key; third 
means provided in the reproducing device for memoriz- 
ing the first intermediate key in connection with an iden- 
tifier; fourth means for transmitting a combination of the 

25 identifier and the random number key from the repro- 
ducing device to a data processing apparatus; fifth 
means provided in the data processing apparatus for 
generating a second intermediate key in response to 
the random number key; sixth means for transmitting a 

so combination of the identifier and the second intermedi- 
ate key from the data processing apparatus to the repro- 
ducing device; seventh means provided in the 
reproducing device for retrieving the first intermediate 
key in response to the identifier transmitted from the 

35 data processing apparatus; eighth means provided in 
the reproducing device for deciding whether or not the 
retrieved first intermediate key and the second interme- 
diate key are equal to each other; ninth means for dis- 
connecting the reproducing device and the data 

40 processing apparatus from each other when the eighth 
means decides that the retrieved first intermediate key 
and the second intermediate key are not equal to each 
other; tenth means provided in the reproducing device 
for generating a first bus key in response to the first 

45 intermediate key; eleventh means provided in the repro- 
ducing device for memorizing the first bus key in con- 
nection with the identifier; twelfth means provided in the 
data processing apparatus for generating a second bus 
key in response to the second intermediate key, thir- 

so teenth means provided in the data processing appara- 
tus for memorizing the second bus key in connection 
with the identifier; fourteenth means for transmitting a 
corrdoirtation of the identifier and an information request- 
ing command from the data processing apparatus to the 

55 reproducing device after the eighth means decides that 
the retrieved f irst intermediate key and the second inter- 
mediate key are equal to each other; fifteenth means 
provided in the reproducing device for reproducing dig- 
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Hat information from a recording medium; sixteenth 
means provided in the reproducing device for retrieving 
the first bus key in response to the identifier transmitted 
from the data processing apparatus; seventeenth 
means provided in the reproducing device tor encrypt- 
ing the reproduced digital information into encrypted 
tfgital information in accordance with the retrieved first 
bus key; eighteenth means for transmitting a combina- 
tion of the identifier and the encrypted digital informa- 
tion from the reproducing device to the data processing 
apparatus in response to the information requesting 
command; nineteenth means provided in the data 
processing apparatus for retrieving the second bus key 
in response to the identifier transmitted from the repro- 
ducing device; and twentieth means provided in the 
. data processing apparatus tor depicting the erxaypted 
data in accordance with the retrieved second bus key. 
[0011] A sixth aspect of this invention provides a sys- 
tem for processing information. The system comprises 
a reproducing device; a data processing apparatus; first 
means for transnitting an identifier requesting com- 
mand from the data processing apparatus to the repro- 
ducing device: second means provided in the 
reproducing device for selecting one identfier from 
among predetermined identifiers in response to the 
identfier requesting command; third means for trans- 
mitting the selected identfier from the reproducing 
device to the data processing apparatus; fourth means 
provided in the data processing apparatus to generate a 
first random number key; fifth means provided in the 
data processing apparatus tor generating a first inter- 
mediate key in response to the first random number key; 
sixth means provided in the data processing apparatus 
for memorizing the first intermediate key in connection 
with the selected identifier transmitted from the repro- 
ducing device; seventh means tor transmitting a combi- 
nation of the selected identfier and the first random 
number key from the data processing apparatus to the 
reproducing device; eighth means provided in the repro- 
ducing device for generating a second intermediate key 
in response to the first random number key; ninth 
means for transmitting a combination of the selected 
identfier and the second intermediate key from the 
reproducing device to the data processing apparatus; 
tenth means provided in the data processing apparatus 
for retrieving the first intermediate key in response to the 
selected identfier transmitted from the reproducing 
device; eleventh means provided in the data processing 
apparatus for deciding whether or not the retrieved first 
intermediate key and the second intermediate key are 
equal to each other; twetfth means for Disconnecting the 
data processing apparatus and the reproducing device 
from each other when the eleventh means decides that 
the retrieved first intermediate key and the second inter- 
mediate key are not equal to each other; thirteenth 
means provided in the reproducing device for generat- 
ing a second random number key after the eleventh 
means decides that the retneved first intermediate key 



and the second intermediate key are equal to each 
other; fourteenth means provided in the reproducing 
device for generating a third intermediate key in 
response to the second random number key; fifteenth 

5 means provided in the reproducing device for memoriz- 
ing the third intermediate key in connection with the 
selected identfier; sixteenth means for transmitting a 
combination of the selected identifier and the second 
random number key from the reproducing device to the 

io data processing apparatus; seventeenth means pro- 
vided in the data processing apparatus tor generating a 
fourth intermedate key in response to the second ran- 
dom number key; eighteenth means for transmitting a 
combination of the selected identifier and the fourth 

is intermediate key from the data processing apparatus to 
the reproducing device; nineteenth jneans provided. in. 
the reproducing device for retrieving the third intermedi- 
ate key in response to the selected identifier transmitted 
from the data processing apparatus; twentieth means 

20 provided in the reproducing device for deciding whether 
or not the retrieved third intermediate key and the fourth 
intermediate key are equal to each other; twenty-first 
means for disconnecting the reproducing device and the 
data processing apparatus from each other when the 

25 twentieth means decides that the retrieved third inter- 
mediate key and the fourth intermediate key are not 
equal to each other; twenty-second means provided in 
the reproducing device for generating a first bus key in 
response to the second and third intermediate keys; 

30 twenty-third means provided in the reproducing device 
for memorizing the first bus key in connection with the 
selected identifier; twenty-fourth means provided in the 
data processing apparatus tor generating a second bus 
key in response to the first and fourth irrtermediate keys; 

35 twenty -fifth means provided in the data processing 
apparatus for memorizing the second bus key in con- 
nection with the identifier; twenty-sixth means for trans- 
mitting a combination of the selected identifier and an 
information requesting command from the data 

40 processing apparatus to the reproducing device after 
the twentieth means decides that the retrieved third 
intermediate key and the fourth intermediate key are 
equal to each other; twenty-seventh means provided in 
the reproducing device for reproducing digital infer ma- 

45 tion from a recording medium; twenty-eighth means 
provided in the reproducing device for retrieving the first 
bus key in response to the selected identifier transmrt- 
ted from the data processing apparatus; twenty-ninth 
means provided in the reproducing device for encrypt- 

so ing the reproduced digital information into encrypted 
digital information in accordance with the retrieved first 
bus key, thirtieth means for transmitting a combination 
of the identifier and the encrypted digital information 
from the reproducing device to the data processing 

55 apparatus in response to the information requesting 
command; thirty-first means provided in the data 
processing apparatus for retrieving the second bus key 
in response to the identifier transmitted from the repro- 
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ducing device; and thirty-second means provided in the 
data processing apparatus tor decrypting the encrypted 
data in accordance with the retrieved second bus key. 

BRIEF DESCRIPTION OF THE DRAWINGS 5 
10012] 

Fig. 1 is a bock cfiag/am of an information process- 
ing system according to a first embodiment of this io 
invention. 

Fig. 2 is a block cfiagram of a medium drive device 
in Fig. 1. 

Fig. 3 is a block diagram of a data processing appa- 
ratus in Fig. 1. is 

Fig. 4 is a cfiagram of a command structure used in 

the information processing system of Fig. 1. 
Fig. 5 is a diagram of a data structure used in the 
information processing system of Fig. 1 . 
Fig. 6 is a cfiagram of an arrangement of a storage so 
area in a memory in Fig. 2. 
Fig. 7 is a cfiagram of an arrangement of a storage 
area in a memory in Fig. 3. 
Fig. 8 is a cfiagram of a sequence of steps of com- 
munications between the medium drive device and 2s 
the data processing apparatus in Fig. 1. 
Fig. 9 is a block cfiagram of an information process- 
ing system according to a fourth embodiment of this 
invention. 

Fig. 10 is a block cfiagram of a medium oVive device 30 

in an information processing system according to a 

fifth embodiment of this invention. 

Fig. 11 is a block diagram of a data processing 

apparatus in the information processing system 

according to the fifth ernbodiment of this invention. 35 

Fig. 12 is a block cfiagram of an encrypting and 

authenticating portion in Fig. 10. 

Fig. 13 is a block cfiagram of a decrypting and 

authenticating portion in Fig. 11. 

40 

DESCRIPTION OF THE PREFERRED EMBODI- 
MENTS 

First Embodiment 

45 

[0013] With reference to Fig. 1. an inJumdUon 
processing system of a first entoodnrtent of this inven- 
tion includes a player or a mecfium drive device 21 for 
reading out data from a digital storage medium 11. It 
should be noted that the data recorded on the digital so 
storage medium 1 1 may represent scrambled informa- 
tion (encrypted information). The mecfium drive device 
21 is a rerxoducing device- The medium drive device 21 
is connected via a data bus 31 to a data processing 
apparatus 41. tn general, the data processing appara- ss 
tus 41 includes a personal computer. 
[0014] The data processing apparatus 41 transmits 
signals of commands to the medium drive device 21 via 



the data bus 31. Tto^commands represented byjhe.stg^ 
nals include a command of requesting the rrtedium drive , 
device"2i : to transmit data toward the data processing 
apparatus 41. The medium drive device 21 transmits 
the data, which is read out from the digital storage 
mecfium 11. to the data processing apparatus 41 in 
response to.the data requeuing corrrriand. 
[00151 In the data processing apparatus 41 , an appfi- 
caiion program operates. The application program 
requests the medium d rive de vice 21 to transmit data : to 
the data processing apparatus 41 . The application pro- 
gram controls the data processing apparatus 41 to proc- 
ess the data into an aucSo signal and a video signal, and 
to output the aucfio signal and the video signal. 
[0016] As shown in Fig. 2, the medium drive device 21 
_incfudes*a~ reproducing ^unit 211, -an encrypting -and — ~ 
authenticating portion 212. a controller 216, and an 
interface 217. The encrypting and aumentfcating por- 
tion 212 includes an encrypting device 213, a memory 
214. and an authenticating device 215. 
[0017] The reproducing unit 21 1 can access the digital 
storage medium (DSM) 11. The reproducing unifc21 t 1*is 
connected to the er»ayptingdevice:213 ; 8^ 
ler 216 The encrypting device 213 is connected to the 
memory 214 and the controller 216. The encrypting 
device 213, the authenticating device 215, and the inter- 
face 217 are connected to each other. The memory 214 
is connected to the authenticating device 215. The 
authenticating device 215 is connected to the controller 

216. The controller 216 is connected to the interface 

217. The interface 217 is connected to the data 
processing apparatus 41 (see Fig. 1) via the data bus 
31. 

[0018] The reproducing unit 211 accesses the digital 
storage medium 1 1 . ancj^eproduces the data therefrom: 
In the case where the digital storage medium 11 is a 
DVD, the reproducing unit 211 includes a spindle motor 
for rotating the DVD, an optical pickup head for reading 
out the data from the DVD, a servo control circuit,; a 
demodulator, and an error correction circuit The inter- 
face 21 7 is of a known type such as an ATAPI type. The 
controller 216 includes, for example, a CPU, a micro- 
processor, or a digital signal processor programmed to 
control the reproducing unit 211. the encrypting device 
213, the authenticating device 215. and the interface 
217. 

[0019] As shown in Fig. 3, the data processing appa- 
ratus 41 includes an interface 41 1 and a decoder card 
414. The data processing apparatus 41 also includes a 
personal computer to which the interface 411 and the 
decoder card 414 are added. The interface 41 1 is con- 
nected to the medium drive device 21 (see Figs. 1 and 
2) via the data bus 31. The interface 411 is connected 
via an WO bus 412 to the personal computer and the 
decoder card 414. The interface 411 is of a known type 
such as the ATAPI type. The decoder card 414 is con- 
nected to the personal computer. 
[0020] Trie decoder card 414 includes a decrypting 
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and authenticating portion 415 and a decoder portion 
425. The decrypting and authenticating portion 415 
includes an authenticating device 416, a memory 417, 
and a decrypting device 418. The decoder portion 425 
includes a data separator 426, a video decoder 427, 
and an audio decoder 428. 

[0021] The authenticating device 416 is connected to 
the:WXbuSi412-and the rneraofy-44?c-The decrypting 
device 41 8 is connected to the I/O bus 41 2, the memory 
417, and the data^separatof=426rThe data separator 
426 is connected to the video decoder 427 and the 
audio decoder 428. The video decoder 427 is con- 
nected to a video card 424 in the personal computer. 
[0022] The personal computer includes an internal 
bus interface 413 connected between the I/O bus 412 
..and a bcalibus-4ia Also, the personal computer . 
includes a r najn^nemfffiffipr a host CPU 421. a hard 
disc interlace (HDD l/F) 422. and the video card 424 
which are connected to the local bus 419. Furthermore, 
the personal computer includes a hard disc drive (HDD) 
423 and a display (not shown). The hard disc drive 423 
is connected to the hard disc interface 422. The display 
is connected to the video card 424. The display 
includes, for example, a CRT (cathode ray tube) or an 
LCD (liquid crystal display). 

[0023] The personal computer can control the 
decoder card 414, that is, the decrypting and authenti- 
cating portion 415 and the decoder portion 425. 
[0024] With reference back to Fig. 2, the encrypting 
and authenticating portion 212 includes the memory 
214. During operation of the encrypting and authenticat- 
ing portion 212, the memory 214 is used in storing infor- 
mation pieces of Keys. The encrypting and 
authenticating portion 212 is designed to prevent the 
memory 214 from being drectfy accessed by an exter- 
nal. Accordingly, it is possixe to prevent a leakage of 
the key in tunna U un pieces from the memory 214 to the 
data bus 31 and the controller 216. 
[0025] With reference to Fig. 3, thereto yfjUito /an d 
authenticating portion 415 includes the memory 417. 
During operation of the decrypting and authenticating 
portion 415, the memory 417 is used in storing informa- 
tion pieces of keys. The decrypting and authenticating 
portion 415 is designed to prevent the memory 417 from 
being directly accessed by an external. Accordingly, it is 
possible to prevent a leakage of the key information 
pieces from the memory 41 7. 
[0026] As previously ixficated, the data processing 
apparatus 41 transmits signals of commands to the 
medium drive device 21 via the data bus 31. The com- 
mands are of a rxedete^'riedjsfructure. As shown in 
Fig. 4. each command'has a seo^ence ot a command 
code, an identifie r LUN. an identifier ID, and a command 
parameter. The "(Srnrnand cddere^ents a type of the 
related command, that is, what the related command 
requests the medium drive device 21 to da Jhejidg nti- 

^er«LUf^iixiicates.a=destir*at^ 

* related command is directed. Thus, in this case, the 



identifier LUN indicates th ejr>edtuna4 nve"dgvicfr21. 
[0027] The medium drive device 21 transmits data 
blocks to the data processing apparatus 41. The data 
blocks are of a predetermined structure. As shown in 

s Fig. 5, each data block has a sequence of a first area 
assigned to information of a data parameter, a second 
area assigned to information of an identifier LUN, a third 
area assigned to irTtormation of an identifier ID, and a 
fourth area assigned to data. The data in the fourth area 

10 rs that read out from the digital storage medium 1 1 . The 
data parameter represents The length of the related 
data block, or the length of the data in the fourth area. 
The identifier LUN indicates a sender device from which 
the related data block is transmitted. Thus, in this case, 

is the identif ier LUN indicates the medium drive device 2 1 . 

[0028] ft should be noted That The irtformation of . the -. 

identifier ID may be omitted from the data block to 
reduce the length of the data block, 
[0029] In general, the memory 214 is used in tempo- 
re rarity storing data pieces representing various informa- 
tion pieces respectively. As shown in Fig. 6, the memory 
214 has a storage area divided into sub areas Tempi, 
Temp2, ■ * • , and Tempn where "n" denotes a predeter- 
mined natural number equal to two or greater. Each of 

25 the sub areas Tempi, Temp2, • • and Tempn has 
sections assigned to information pieces of an identifier 
ID and various keys respectively. The sub areas Tempi. 
Temp2, • • • , and Tempn can be assigned to "n" differ- 
ent identifiers ID respectively. Accordingly, the sub 

30 areas Tempi ,Temp2, and Tempn can be discrim- 
inated from each other by referring to the identifiers ID. 
This means that the identifiers ID can be used as 
addresses of the sub areas Tempi; Temp2. • - - . and 
Tempn respectively. 

35 [0030] The memory 214 can store information pieces 
of identifiers: ID respectively. Also, the memory 214 can 
store information pieces of intenrtediate^keys^which^are 
parameters for authentication and encryption in cortnec- 
tion^wtthfthe respective io^ntifiers ID? The intermediate 

40 keys are vanabjes^which are generated on the-basis of 
random nunTberskoys (challenge keys) according to a 
predetermined aJgorrthrrbor al g uUh ii s . The authenti- 
cating device 215 includes a memory which stores infor- 
mation of the predetermined algorithm or, algorithms. 

45 When the total number of used identifiers ID is equal to 
"n", "n" sets of intermediate keys are generated. 
[0031] In general, the memory 41 7 is used in tempo- 
rarily storing data pieces representing various informa- 
tion pieces respectively. As shown in Fig. 7, the memory 

so 417 has a storage area divided into sub areas Tempi, 
Temp2. • • • , and Tempn where "n" denotes a predeter- 
mined natural number equal to two or greater. Each of 
the sub areas Tempi, Temp2, • • •. and Tempn has 
sections assigned to information pieces of an identifier 

55 ID and various keys respectively. The sub areas Tempt , 
Temp2, • • • . and Tempn can be assigned to "n" differ- 
ent identifiers ID respectively. Accordingly, the sub 
areas Tempi , Temp2, • • • , and Tempn can be discrim- 
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inated from each other by referring to the kteotifceroMDr'* 
This means that the ^jdentifieiss ID ^ can bemused -as 
addresses of the sub areas Tempi, Temp2, • - - , and 
Tempn respectively. 

[0032] The memory 41 7 can store i n for mati on pieces s 
of dentifiersiPj^pectivefy-Ateo. the memory 41 7 can 
store information pieces of intermedtate.Kevs which are 
parameters for aiithentkstfoaaj^ 
tion with the respective; identifiers: IDb»The intermediate 
keys are variables which are generated oathejbasts-of 10 
randcfn.nunfeer Jeers (challenge keys) according to a 
predetermined algorithm or algorithms. The authenti- 
cating device 416 includes a memory which stores infor- 
mation of the predetermined algorithm or algorithms. 
When the total number of used identifiers ID is equal to is 

"nV"n:sets of intermediate keys are generated ., 

[0033] The encrypting device 21 3 in the medium drive 
device 21 includes, for example, a CPU, a nricroproces- 
sor, or a digital signal processor programmed to imple- 
ment processes indicated later. The authenticating so 
device 215 in the medium drive device 21 includes, for. 
example, a C^U a nriicraprocessor. or a digital signal 
processor programmed to implement processes incB- 
cated later. The authenticating device 416 in the data 
processing apparatus 41 includes, for example, a CPU zs 
a nricroprocessor, or a digital signal processor pro- 
grammed to implement processes indicated later. The^ 
decrypting device 418 in the data processing apparatus 
41 includes, for example, a CPU, a microprocessor, or a 
digital signal processor programmed to implement proc- 30 
esses indicated later. 

[0034] With reference to Fig. 8, a sequence of proc- 
esses implemented by the data processing apparatus 
41 and the mecBum drive device 21 has a first stage (a 
first phase) for authentication start a second stage (a 3s 
second phase) for authentication of a medium drive 
device, a third stage (a third phase) for authentication of 
a data processing apparatus, a fourth stage (a fourth 
phase) for generation of a bus key. and a fifth stage (a 
fifth phase) for data encryption and data transmission. 40 
[0035] When ^the.perscfial-axnpu^- in -the data 
processing apparatus 41 starts ,to • 6xecute T an applica- 
tion program which has a step of requesting me medium 
drive device 21 tXHtransri^^ata^from the cfigrtal storage 9 
medium 1 1 , the authentication start stage commences: 45 
During the auUto tftfabp n ^totstapje, thedfcita process- 
ing apparatus 41 transmits assignal^of 'an°identifier 
requesting axnnTand.toflw medium via 
the data bus 31 . The signal of the identif ier requesting 
command is generated by4he^ersonartC4r$iJter. so 
[0036] During the authentication start stage, the 
medium drive device 21 receives the signal of the iden- 
tifier requesting command via the data bus 31. In the 
medium drive device 21. the signal of the identifier 
requesting command travels through the interlace 21 7 55 
and then reaches the controller 216. The controller 216 
detects the type of the present command. In other 
words, the controller 216 decides the present command 



to be an identifier requesting command. The controller 
1 216 selects unused one of predetermined different iden- 
Vtifier s ID in re sponse to' the jderrtrrier rec^esting:c»m- 
Imandj It should be noted that the controller 216 includes 
i a memory stccingruilwiifeilion-'Of a th6'firSJetenTiined 
Jide^jers'jD^and has a function of detecting whether 
peach of the predetermined identifiers ID is used or 
lurJusoLJhe controller 216 generates a signal of The 
[selected identifier ID. The controller 21 6 outputs the sig- 
nal of the selected identifier^D to the interface 21 7. The 
interface 217 is controlled by the controller 216, trans- 
mitting the stojial of the selected 1 identifier' ID to the data 
processing apparatus 41 via Thaftataihrsai. The con- 
troller 216 outputs the signal of the seiected identifier^D' 
to the authenticating device 215. The authenticating 
device 215 stores the signal of the.setected idBntifier_l r i_ 
into unused one of the sub areas Tempt, Temp2, 
and Temp in the memory 214. 
[0037] During the authentication start stage, the data 
processing apparatus 41 receives the signal of the 
selected identifier ID via the data bus 31. In the data 
processing apparatus 41, The signal of the selected 
identiiter.IDi travels through the interface 41 1 and then 
reaches the decrypting:and authentk^ating'portion 415 
via the IAD bus 412. In the decrypting and authenticating 
portion 415. the authenticating device 416 receives the 
signal of the selected identifier ID. The authenticating 
device 41 6 stores the signal of the selected rientifief ID« 
into unused one of the sub areas Tempi, Temp2, 
and Tempn in the memory 417. Then, the authenticating 
device 416 informs the personal computer of the com- 
pletion of the authentratiojvstartstage. 
[0038] The mediumndrive^evice authentication stage 
follows the ^irthenticatiQrutsja rt .c stag r. During the 
metfum-otfve-device authentication stage, the authenti- 
cating device^:! 6 in the data processing apparatus 41 
generates . a signal <fi^Ka*chafienge Ji ksy (a random 
numbec-key) "1". The aAirt^calmg device; 416 
includes a random : nuni>eug^neratDr>for»produdi^ a a 
rarKjomourj&er. The challenge key "1 " is determined by 
the produced random number. Accordingly, the contents 
of the rjresent^chal jenge^key^l = are Different from those 
of challenge keys "1" produced at other moments. The 
authenticating device 4A6*cenfctnes»tbe*6ip^ahc4*tbe 
selected klentrf ierjlD ajxl the«ip^ial of the chaftenge key 
"1 " into a first composite signal. The first composite sig- 
nal represents a set.of. the selected iden tifier ID and the 
chaDengeJiBy-^". The aufi^rtticaiing u device 416 feeds 
the first composite signal to the interface 411 via the I/O 
bus 412. The data processing apparatus 41 transmits 
the first comp osite signal to the medium dr ive device 21 
via the data bus 31. 

[0039] During the medium-drive-device authentication 
stage, the authenticating device 416 in the data 
•processing apparatus 41 generates a signal of an inter- 
mediate key CD on the basts of the challenge key "1" 
according to a predetermined algorithm. The authenti- 
cating device 416 has a memory storing information of 
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the predetermined algorithm. The authenticating device 
416 searches the memory 417 for a target sub area 
which stores the signal of the selected identifier ID. Spe- 
cifically, the authenticating device 416 sequentially 
reads out signals of identifiers from the sub areas 5 
Tempi, Temp2, • • • , and Tempn of the memory 417, 
and then decides whether or not the readout identifiers 
are equal to the selected identifier. The authenticating 
device 416 detects the target sub area by finding the 
readout identifier which equals the selected identifier. 10 
The authenticating device 416 accesses the target sub 
area of the memory 417 which stores the signal of the 
selected identifier ID. T he authenticating device A1 6 
w rites the signal of the chaDen ge keyJJl and the signa l 
of th e intermedate l^_CD^irtto.the.a<x^ssed sub.area 15 
(the target sub area) of.the rr>ernorY_417. that is.,the,sub .. „ 
area of the memory 417 which stores the signal of the 
selected identifier ID. tn this way. the signal of the chal- 
lenge key "1" and the signal of the intermediate key ® 
are stored , irtto , the , menToiy*417-while-being made, to 20 
rtaro'a relation with the sig^ 
l 1D.=^ 

[0040] During the rnedtunKlriveKJevice authentication 
stage, the medium drive device 21 recejttes^e^is^ 

signal o f the selected identifier ID and the 2s 
[e feey ^Lvia .the data bus 31 . fn the medium 
drive device 21, the first composite signal travels 
through the interface 217 and then reaches the authen- 
ticating device 215. The authenticating device 215 
extracts the signal of the selected identifier ID from the 30 
first composite signal. The authenticating device 215 
extracts the signal of,the.cnaIiengeJ«yJ^ 
conpcsite signal. The aiithenticating device 215 gener- 
ates ^^jn/^.gf.anJntBfmediate^ 
thfwjvnnmQn.ltf^^l -rffTOfTiing tn n-prfrlf^rnTnfTl 3S 
algorithm which is— equai-to-the^intemiediate^^ 
gjneiatng'akjori^nm>tJse^Mvi^ 
416 in The data processing apparatus 41 . The authenti- 
cating device 215 has a memory storing information of 
the predetermined algorithm The authenticating device 40 
215 searches The memory 214 for a target sub area 
which stores the signal of the selected identifier ID. Spe- 
cifically, the authenticating device 215 sequentially 
reads out signals of identifiers from the sub areas 
Tempi. Temp2. • • • . and Tempn of the memory 214. 45 
and then decides whether or not the reado ut identifiers 
are equal to the selected identifier. The authenticating 
device 215 detects the target sub area by finding the 
readout identifier which equate the selected identifier. 
The authenticating device 215 accesses the target sub 50 
area of the memory 214 which stores the signal of the 
selected identifier ID. The authenticating device 215 
writes the signal of the challenge key "1" and the signal 
of the intermediate key 0 into the accessed sub area 
(the target sub area) of the memory 214. that is, the sub ss 
area of the memory 214 which stores the signal of the 
selected identifier ID. tn this way, the sigfa o f the chal- 
lenge keyj^and th e signal of.thejriterrnediatelkey'© 1 



are stored into the memory 214 wh9e being made to 
have a relation with the signal of the selected identifier 
ID. 

[0041 ] During the mediun>drive-d evice authentication 
stage, the authenticating device 215*<x*ribmes the^ig- 
nal of the sdected^dentifieulD,and=the3Sigrial:of 
iftt^medjate^^«0einto»a^ 
The second composite signal represents a set of the 
selected identifier ID and the intermediate key ©. The 
authenticating device 215 feeds the second composite 
signal to the interface 217. The interface 21 7 is control- 
led by the controller 216, transmitting the second com- 
posite signal to the data processing apparatus 41 via 
the data bus 31. 

[0042] During the mediurr^rrveKfevtce authentication 
stage,. the. data processing apparatus 41 receives the- 
second composite signal via the data bus 31 . The sec- 
ond composite signal represents a. set of the selected 
identifieMDjujriJte^ In the data 

processing apparatus 41, the second composite signal 
travels through the interface 411 and then reaches the 
decrypting and authenticating portion 415 via the I/O 
bus 412. tn the decrypting and authenticating portion 
415, the authenticating device 416 receives the second 
composite signal. The authenticating device 416 
extracts the signal of the intermediate key ® from the 
second composite signal. The authenticating device 
416 extracts the signal of the selected identifier ID from 
the second composite signal. The authenticating device 
416 searches the memory 417 for a target sub area 
which stores the signal of the selected identifier ID. Spe- 
cifically, the authenticating device 416 sequentially 
reads out signals of identifiers from the sub areas 
Tempi , Temp2, * * • , and Tempn of the memory 417. 
and then decides whether or not the readout identifiers 
are equaMo-the setected:identif ier. The authenticating 
device 416 detects the target sub area by finding the 
readout identifier which equals the selected identifier. 
The authenticating device 416 accesses the target sub 
area of the memory 417 which stores the signal of the 
selected identifier ID. The authenticating device 416 
reads out the signal of the intermediate key (D from The 
accessed sub area (the target sub area) of the memory 
417. The authenticating device 416 compares the inter- 
mediate key (D and the intermedjate key © to decide 
whether or not the two keys are equal to each other. 
When rt is decided that the intermediate key (D and The 
intermediate key <2> are not equal to each other, the 
authenticating device 416 tnnfrrts further communica- 
tion between the data processing apparatus 41 and the 
medium drive device 21. In other words, the data 
processing apparatus 41 is disconnected from the 
medium drive device 21. When it is decided that the 
intermediate key ® and the intermediate key 0 are 
equal to each other, the o^ta-processing-apparatus 
authentication stage is comnoenced. Specifically, the 
authenticating device 416 informs the personal compu- 
ter that the intermediate key.0,a^j=Th^.intermediate 
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key © are equal to each other. The personal computer 
generates a signal of an authentication j^squesting com- 
mand in response tojhejgy equality Jntormation. The 
data processing apparatus 41 transmits the signal of the 
authentication requesting command to the medium 
drive device 21 via the data bus 31. The signal of the 
authentication requesting command contains the signal 
of th« selected identffietlDr- 
[0043] During the dataixocessing-apparatus authen- 
tication stage, the medium drive device 21 receives the 
signal of the authentication requesting command via the 
data bus 31. In the medium drive device 21, the signal 
of the authentication requesting command travels 
through the interface 217 and then reaches the control- 
ler 216. The controller 216 detects -the =type of the 
presert command, tn other words,. the controller 216: 
decides the present command to be an authentication 
requesting command. The controller 216 controls the 
authenticating device 21 5 tn response to the authentica- 
tion requesting command. The^ccftfrpaer 216;: extracts 
the signal ctf trm selecte d/rierr^^ 
the jauJtKOTtical^ The controller 

216 informs the authenticating device 215 of the 
selected identifier ID. 

[0044] During the d^iDrrjcessing-apparatus authen- 
tication stage, the authenticating device 215 in the 
medium drive device 21 QOTerates.a.sigrial^ot a chal- 
lenge key (a random number key) "2". The authenticat- 
ing device 215*ihcludes a generator for 
producing a random number. The challenge key "2" is 
determined by the produced random number. Accord- 
ingly, the contents of the present challenge key "2" are 
different from those of challenge keys "2" produced at 
other moments. Furthermore, the contents of the chal- 
lenge key "2" are different from those of the present 
challenge key "1" produced by the data processing 
apparatus 41. The authenticating device 215 combines 
the signal of the selected identifier ID and the signal of 
the challenge key "2" into a third composite signal. The 
tNfcMxxnpositatSjgijaUeprese 
identifier ID and the challenge key "2". The authenticat- 
ing device 215 teeds-trte'tr^ corntxasrte.si gnd.to.the 
interface 21 7. The interface 21 7 is controlled by the con- 
troller 216, transmitting the third composite signal to the 
data processing apparatus 41 via the data bus 31. 
[0045] Diinng thedata-processing/appm 
tication stage, tbe*^uther4tirjatiric«device=2l^^ 
medium drive device 21 generates a signal of an inter- 
mediate.key-<3> c c<i thebas^ 
according to:&predeterrrined algorithm. The authenti- 
cating device 215 has a memory storing information of 
the predetermined algorithm. The authenticating device 
215 searches the memory 214 for a target sub area 
which stores the signal of the selected identifier ID. Spe- 
cthcalry, the authenticating device 215 sequentially 
reads out signals of identifiers from the sub areas 
Tempi. Temp2, * • • , and Tempo of the memory 214, 
and then decides whether or not the readout identifiers 



are equal to the selected identifier. The authenticating 
device 215 detects the target sub area by finding the 
readout identifier which equals the selected identifier. 
The authenticating device 215 accesses the target sub 

s area of the memory 214 which stores the signal of the 
selected identifier ID. The authenticating device 215 
writes the signal of the challenge key "2" and the signal 
of the intermediate key Q) into the accessed sub area 
(the target sub area) of the memory 214, that is, the sub 

io area of the memory 214 which stores the signal of the 
selected identifier ID. In this way, the signal of the chal- 
lenge key "2" and the signal of (he intermediate key <S> 
are stored into the memory 214 while being made to 
have a relation with the signal of the selected identifier 

15 ID. 

[0046] During the date-processing-apparatus authen- 
tication stage, the data processing apparatus 41 
receives the third cornposrte signal of the selected iden- 
tifier ID and the challenge key "2" via the data bus 31 . In 

20 the data processing apparatus 41, the third composite 
signal travels through the interface 411 and then 
reaches the authenticating device 416 via the I/O bus 
412. The authenticating device 416 extracts the signal 
of the selected identifier ID from the third composite sig- 

25 nal. The aiimerrticating device 416 extracts the signal of 
the challenge key "2" from the third composite signal. 
The authenticating device 416 generates a signal of an 
intermediate key (g) on the basis of the challenge key 
"2" according to a predetermined algorithm which is 

X equal to the intermediate-key-® -generating algorithm 
used in the authenticating device 215 in the medium 
drive device 21. The authenticating device 416 has a 
memory storing information of the pr edetermined'aJgo- 
rithm. The authenticating device 416 searches the 

35 memory 41 7 for a target sub area which stores the sig- 
nal of the selected identifier ID. Specifically, the authen- 
ticating device 416 sequentially reads out signals of 
identifiers from the sub areas Tempi , Temp2, • • • , and 
Tempn of the memory 417, and then decides whether or 

40 not the readout identifiers are equal to the selected 
identifier. The authenticating device 41 6 detects the tar- 
get sub area by finding the readout identifier which 
equals the selected identifier. The authenticating device 
416 accesses the target sub area of the memory 417 

45 which stores the signal of the selected identifier ID. The 
autrtenticating device 416 writes the signal of the chal- 
lenge key "2" and the signal of the intermediate key <S> 
into the accessed sub area (the target sub area) of the 
memory 417, that is, the sub area of the memory 417 

so which stores the signal of the selected identifier ID. tn 
this way, the signal of the challenge key T and the sig- 
nal of the intermediate key ® are stored into the mem- 
ory 417 while being made to have a relation with the 
signal of the selected identifier ID. 

55 [0047] During the data-prcressincrapparatus authen- 
tication stage, The authenticating device 416 combines 
the signal of the selected identifier ID and the signal of 
the intermediate key @ into a fourth composite signal. 
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The fourth composite signal represents a set of the 
selected identifier ID and the intermediate key ®- The 
authenticating device 416 feeds the fourth composite 
signal to the interface 411 via the I/O bus 412. The data 
processing apparatus 41 transmits the fourth composite 
signal to the medium drive device 21 via the data bus 
31. 

[0048] During the dataixocessing-apparatus authen- 
tication stage, the medium drive device 21 receives the 
fourth composite signal via the data bus 31 . The fourth 
composite signal represents a set of the selected iden- 
tifier ID and the intermediate key @. tn the medium 
drive device 21. the fourth composite signal travels 
through the interface 21 7 and then reaches the authen- 
ticating device 215. The authenticating device 215 
extracts the signal of the intennediate.key-@Jrom.the- 
fourth composite signal. The authenticating device 215 
extracts the signal of the selected identifier ID from the 
fourth composite signal. The authenticating device 215 
searches the memory 214 for a target sub area which 
stores the signal of the selected identifier ID. Specifi- 
cally, the authenticating device 215 sequentially reads 
out signals of identifiers from the sub areas Tempi, 
Temp2. - - - , and Tempn of the memory 214, and then 
decides whether or not the readout identifiers are equal 
to the selected identifier. The authenticating device 215 
detects the target sub area by finding the readout iden- 
tifier which equals the selected identifier. The authenti- 
cating device 215 accesses the target sub area of the 
memory 214 which stores the signal of the selected 
identifier ID. The authenticating device 215 reads out 
the signal of the intermediate key <3) from the accessed 
sub area (the target sub area) of the memory 214. The 
authenticating device 215 compares the intermediate 
key (3) and the intermediate key ® to decide whether 
or not the two keys are equal to each other. When it is 
decided that the intermediate key Q and the intermedi- 
ate key @ are not equal to each other, the authenticat- 
ing device 215 irtNbte further commurtication between 
the medium drive device 21 and the data processing 
apparatus 41. In other words, the medium drive device 
21 is (fiscortnected from the data processing apparatus 
41 . When it is decided that the intermediate key (3> and 
the iritermediate key @ are equal to each other, the 
kws-key-generaiwn stao^ is ccrr^^ 
the authenticating device 215 i ntonre trie cc<TtroHe r216 
tr^.theirrternwdjate-l^^ 
@ are equal to^each others tn adoHioivthe autrttStUical- 
ing device 215 feeds the sigjial of the s elected derrtifier 
ID to the controller 21 & The controller 216 controls the 
encrypting device 213 in response to the key equality 
information and the selected identifier ID to generated 
bus-key.-ln addition, the controller 216 outputs a signal 
(an equality-representing signal) to the interface 217 
which represents that the intermediate key © and the 
intermediate key ® are equal to each other. The inter- 
face 217 is controOed by the controller 216, transmitting 
the equality-representing signal to the data processing 



apparatus 41 via the data bus 31 . The personal compu- 
ter in the data processing apparatus 41 receives the 
equality-representing signal via the interface 411. The 
personal computer controls tr» decrypting device 41 8 in 
5 response to the equality-representing signal to generate 
aibuskey^. 

[0049] During the.bus-key generation stage, the con- 
troller 216 in the medium drive device 21 feeds the sig- 
nal of the selec^jdentifi^ device 

io 213. The encrypting device 213 is controfled by the con- 
troller 216, searching the memory 214 for a target sub 
area which stores the signal of the selected identifier ID. 
Specifically, the encrypting device 213 sequentially 
reads out signals of identifiers from the sub areas 

is Tempi, Temp2. • • • . and Tempn of the memory 214, 

and then deckles whether w.rwt the readout identifiers- 
are equal to the selected identifier. The encrypting 
device 213 detects the target sub ajea-by^indng*tne 
reactout iderrtif ier whi^ 

so The encrypting device 213 accesses the target sub area 
of the memory 214 which stores the signal of the 
selected identifier ID. The encrypting device 21 breads 
out the signal ottheJntemedjaj&J?^^ 
c^e imemiecSale key © from the accessed sub area 

25 (the target sub area) of the memory 214. The encrypting 
device 213 generates a signal of a bus key on the basis 
of t he intermediate kev c^.and.tri^irrtermediate kev <3> 
according tqa predetermined akjorithm. The encrypting, 
device 2 1 3 has a memory storing information of the pr e- 

30 determined algorithm. The encrypting device 213 
accesses the target sub area of The memory 214 which 
stores the signal of the selected identifier ID. The 
encrypting device 213 writes the signal of the bus key 
into the accessed sub area (the target sub area) of the 

35 memory 214, that is, the sub area of the memory 214 
which stores the signal of the selected identif ier ID. In 
this way, the signal of the bus key is stored into The 
memory 214 while being made to have a relation with 
the signal of the selected identifier ID. 

40 [0050] During the bus-key generation stage, the per- 
sonal computer in the data processing apparatus 41 
feeds the signal of the selected identifier ID to the 
decrypting device 418. The decrypting device 418 is 
controlled by the personal computer, searching the 

45 memory 41 7 for a target sub area which stores the sig- 
nal of the selected identifier ID. SpecSically. the decrypt- 
ing device 418 sequentially reads out signals of 
identifiers from the sub areas Tempi , Temp2. • * • , and 
Tempn of the memory 417. and then decides whether or 

so not the readout identifiers are equal to the selected 
identifier. The decrypting device 418 detects the target 
sub area by finding the readout identifier which equals 
the selected identifier. The decrypting device 418 
accesses the target sub area of the memory 41 7 which 

55 stores the signal of the selected identifier ID. The 
decrypting device 418 reads out the signal of the inter- 
mediate key (D and the signal of the intermediate key 
® from the accessed sub area (the target sub area) of 
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the memory 417. The decrypting device 418 generates 
a signal of a bus key on the basts of the intermediate 
key 0 and the intermediate key ® according to a pre- 
determined algorithm which is equal to the bus-key- 
generating algorithm used in the encrypting device 213 s 
in the medium drive device 21. The decrypting device 
418 has a memory storing information of the predeter- 
mined algorithm. The decrypting device 418 accesses 
the target sub area of the memory 41 7 which stores the 
signal of the selected identifier ID. The decrypting 
device 418 writes the signal of the bus key into the 
accessed sub area (the target sub area) of the memory 
417, that is, the sub area of the memory 417 which 
stores the signal of the selected identifier ID. In this way, 
the signal of the bus key is stored into the memory 417 
while being made .to have a .relat»n ,wit^.fr«,signal^of. 
the selected identifier ID. 

[00511 The data encryption transmission stage foDows 
the bus-key generation staga During the data encryp- 
tion transmission stage, the data processing apparatus 
41 transmits a signal of a data requesting command to 
the medium drive device 21 via the data bus 31. The 
signal of the data requesting command is generated by 
the personal computer. The signal of the data request- 
ing command contains the signal of the selected identi- 
fier ID. 

[0052] During the data encryptkxi transrnission stage, 
the medium drive device 21 receives the signal of the 
data requesting command via the data bus 31. In the 
medium drive device 21, the signal of the data request- 
ing command travels through the interface 21 7 and then 
reaches the controller 21 & The controller 216 detects 
the type of the present command, tn other words, the 
controller 216 decides the present command to be a 
data requesting command. The controller 216 extracts 
the signal of the selected identifier ID from the signal of 
the data requesting command. The controller 216 feeds 
the signal of the selected identifier ID to the encrypting 
device 213. The encrypting device 213 is controlled by 
the controller 216, searching the memory 214 for a tar- 
get sub area which stores the signal of the selected 
identifier ID. SpecfficaHy, the encrypting device 213 
sequentially reads out signals of identifiers from the sub 
areas Tempi. Temp2, • • • , and Tempn of the memory 
214, and then decides whether or not the readout iden- 
tifiers are equaJ to the selected identic 
device 213 detects the target sub area by finding the 
readout identifier which equate the selected identifier. 
The encrypting device 213 accesses the target sub area 
of the memory 214 which stores the signal of the 
selected identifier ID. The encrypting device 213 reads 
out the signal of the bus key from the accessed sub area 
(the target sub area) of the memory 214. The controller 
21 6 controls the reproducing unit 211 in response to the 
signal of the data requesting command so that the 
reproducing unit 211 reads out contents data from the 
digital storage medium 11 and outputs the contents 
data to the encrypting device 213. The encrypting 



device 213 encrypts the contents data in accordance 
with the bus key. The encrypting device 213 combines 
the signal of the selected identifier ID and the encryp- 
tion-resultant data into final data. The encrypting device 
213 outputs the final data to the interface 217. The inter- 
face 21 7 is controlled by the controller 21 6, transmitting 
the final data to the data processing apparatus 41 via 
the data bus 31. 

[0053] During the data encryption transmission stage, 
the data processing apparatus 41 receives the final data 
from the data bus 31. In the data processing apparatus 
41, the final data travels through the interface 411 and 
then reaches the decrypting and aumenticating portion 
415 via the WO bus 412. In the decrypting and authenti- 
cating portion 415, the decrypting device 418 receives 
..the final data. The decrypting device 418 extracts- the 
signal of the selected identifier ID from the final data. 
The decrypting device 418 searches the memory 417 
for a target sub area which stores the signal of the 
selected identifier ID. Specifically, the decrypting device 
418 sequentially reads out signals of identifiers from the 
sub areas Tempi, Temp2, • • •, and Tempn of the 
memory 417, and then decides whether or not the rea- 
dout identifiers are equal to the selected identifier. The 
decrypting device 418 detects the target sub area by 
finding the readout identifier which equals the selected 
identifier. The decrypting device 418 accesses the tar- 
get sub area of me memory 417 which stores the signal 
of the selected identifier ID. The decrypting device 418 
reads out the signal of the bus key from the accessed 
sub area (the target sub area) of the memory 417. The 
decrypting device 418 separates the encryption-resuH- 
ant data from the final data. The decrypting device 41 8 
decrypts the encryption-resultant data into the original 
contents data in accordance with the bus key. The 
decrypting device 418 outputs the contents data to the 
data separator 426. The data separator 426 divides the 
contents data into video data and audio data The data 
separator 426 outputs the video data to the video 
decoder 427. The data separator 426 outputs the audio 
data to the aucfio decoder 428. The video decoder 427 
decodes the video data into a video signal of a given 
form The video decoder 427 outputs the video signal to 
an external device (not shown). In addition, the video 
decoder 427 outputs the video signal to the video card 
424. The audio decoder 428 decodes the audio data 
into an aucio signal of a given form. The audio decoder 
428 outputs the audio signal to an external device (not 
shown). 

[0054] Since drfferent identifiers ID can be used as 
previously explained, plural processing step sets each 
having authentication, encryption, and decryption can 
be simultaneously implemented on a time sharing 
basis. In this case, multiple tasks can be simultaneously 
implemented according to an OS (operating system) for 
the personal computer in the data processing apparatus 
41. Drfferent bus keys are assigned to the multiple tasks 
respectively. 
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Second Embodiment 

[0055] A second ernbocfiment of this Invention is simi- 
lar to the first ernbodirnent thereof except for design 
changes indicated later. According to the second 5 
embodiment of this invention, a signal of an identifier ID 
which corresponds to a signal of a selected identifier ID 
is previously prepared in the data processing apparatus 
41 . This signal of the identifier ID is used instead of the 
signal of the selected identifier ID. In the second embod- w 
iment of this invention, it is unnecessary for the data 
processing apparatus 41 to transmit a signal of an iden- 
tifier requesting command to the medium drive device 
21 via the data bus 31. 

15 

-Third Embodiment - . - 

[0056] A third ernbodirnent of this invention is similar 
to the first ernbodirnent thereof except for a design 
change indicated later. One of the mea^um-ctfve-device so 
aAitrtentcatkxiDy thec^p<ocessingappara and 
the data-processirig-apparatus authentication by the 
medium drive device 21 is omitted from the third 
embodiment of this invention. 

25 

Fourth Ernbodirnent 

[0057] Fig. 9 shows an in for mati on processing system 
according to a fourth ernbocfiment of this invention. The 
information processing system of Fig. 9 is similar to the so 
information processing system, of Fig. 1 except for 
design changes indicated later. 
[0058] The information processing system of Fig. 9 
includes medium drive devicesjplaye^}^2^-i-i^and 
2n tor reading out data from c5grta! storage mediums 1 2, 35 
• ' and 1n, respectively. The medium drive devices 
22. * • • , and 2n are connected via the data bus 31 to 
the data processing apparatus 41. 
[0059] The structures of the medium drive devices 22, 

• • • , and 2n are similar to the structure of the medium 40 
drive device 21. DifferecLip^nliRers-LUr^are" assigned 

to me-nr^ tmi - drive,devic es.2J,-22.-^^..and_ 2n 
respectively soJriat.me.medium. cMve.a^ rices 21, 22, 

• • * , and 2n can be cSsui i n ii i ate d frorrueach,o1her..By. 
using one of the je^ntifiersOJUtCtne^dafe^ 45 
device 41 can selectively ac cess and communicate with 
one of the mecSum drive devices 21. 22, • • • , and 2n. 

Frfth Emtxxfi merit 

50 

[0060] A fifth embodiment of this invention is similar to 
the first ernbodirnent thereof except for design changes 
indicated later. Fig. 1 0 shows a medium drive device 21 
in the fifth errtxxlirnerrt of this invention which inctudes 
an encrypting and authen ti c atin g portion 212A instead 55 
of the encrypting and authenticating portion 212 in Fig. 
2. Fig. 11 shows a data processing apparatus 41 in the 
fifth embodiment of this invention which includes a 



decrypting and authenticating portion 4156 instead of 
the decrypting and authenticating portion 415 in Fig. 3. 
[0061] As shown in Fig. 12. the encrypting and 
authenticating portion 212A inctudes a processor 500, a 
register 501, a random number generator 502, an 
authenticating device 503. an encrypting device 504, a 
register (a memory) 505, a ROM 506, and a RAM 507. 
The processor 500 is connected between the reproduc- 
ing unit 21 1 (see Fig. 10) and the interface 21 7 (see Fig. 
10). The register 501, the random number generator 
502, the authenticating device 503, the encrypting 
device 504, the ROM 506. and the RAM 507 are con- 
nected to the processor 500. The register (the memory) 

505 is connected to the authenticating device 503 and 
the encrypting device 504. The register 501 is con- 
nected to the controller 216 (see F*g.~10) 

[0062] The controller 21 6 and the processor 500 can 
load the register 501 with signals of instructions tor con- 
trolling the processor 500, status-representing signals, 
and other signals. The processor 500 inctudes a micro- 
processor or a similar device which operates in accord- 
ance with a control program stored in an internal 
memory. The processor 500 also responds to the sig- 
nals of the instructions in the register 501. The ROM 

506 stores information of a table^avirtg,numerical.val- 
ueSjfor_encr yption. The processor 500 uses the RAM 

507 in executing work defined by the control program 
and the instructions in the register 501 . The register (the 
memory) 505 is similar to the memory 214 in Fig. 2. 
[0063] As shown in Fig. 13, the_decryptirtg and 
authenticating portion 41 56 includes a processor 500B, 
a register 501 B, a random number generator 502B. an 
authenticating device 503 B, a decrypting device 504B, 
a register (a memory) 505B, a ROM 506B. and a RAM 
507B. The processor 500B is connected between the 
I/O bus 412 (see Fig. 11) and the data separator 426 
(see Fig. 11). The register 50 1B, the random number 
generator 502 B, the authenticating device 503 B, the 
Decrypting device 504B! the ROM 506B, and the RAM 
507B are connected to the processor 500B. The regis- 
ter (the memory) 505B is connected to the authenticat- 
ing device 503B and the decrypting device 504B. The 
register 501 B is connected to the personal computer in 
the data processing apparatus 41 (see Ftg. 11). 
[0064] The personal computer and The processor 
500B can toad the register 501 B with signals of instruc- 
tions for controtfing the processor 500 B. status-repre- 
senting signals, and other signals. The processor 500B 
includes a microprocessor or a similar device which 
operates in accordance with a control program stored in 
an internal memory. The processor 500B also responds 
to the signals of the instructions in the register 501B. 
The ROM 506B stores information of a table having 
numerical values for decryption. The processor 500B 
uses The RAM 507B in executing work defined by the 
control program and the instructions in the register 
501 B. The register (the memory) 505B is simflar to the 
memory 417 in Fig. 3. 
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[0065] A sequence of processes tnplemented by the 
data processing apparatus 41 and the medium drive 
device 21 has a first stage (a first phase) for authentica- 
tion start, a second stage (a second phase) for authen- 
tication of a medium drive device, a third stage (a third 
phase) for authentication of a data processing appara- 
tus, a fourth stage (a fourth phase) for generation of a 
bus key. and a fifth stage (a fifth phase) for data encryp- 
tion and data transmission. 

[0066] When the personal computer in the data 
processing apparatus 41 starts to execute an applica- 
tion program which has a step of requesting the medium 
drive device 21 to transmit data from the digital storage 
medium 1 1 , the authentication start stage commences. 
During the authentication start stage, the data process- 
ing .apparatus 41 transmits, a. signal -of an~ identifier, 
requesting command to the medium drive device 21 via 
the data bus 31. The signal of the identifier requesting 
command is generated by the personal computer. 
[0067] During the authentication start stage, the 
medium drive device 21 receives the signal of the iden- 
tifier requesting command via the data bus 31. In the 
medium drive device 21, the signal of the identifier 
requesting command travels through the interface 217 
and then reaches the controller 216. The controller 216 
detects the type of the present command. In other 
words, the controller 21 6 decides the present command 
to be an identifier requesting command. The controller 
21 6 selects unused one of pr ec^errTirr^,cf]fjerem id^ 
tHiers-ID in Tesjx>nse to the identify 
mand. ft should be noted tr^ tt^contptl ff 21 6 inclu des 
a memory storing^jnfomr^ 
identfiers ID. and has. alun cfon rt.de 
each of the predetermirved dent?iers^lD r 'rs used~or 
unused. The controller 216 generates a signal of the 
selected identifier ID. The controller 216 outputs the sig- 
nal of the selected identifier ID to the interface 217. The 
interface 217 is controlled by the controller 216, trans- 
mitting the signal of the selected identifier ID to the data 
processing apparatus 41 via the data bus 31 . The con- 
troDer216 outputs the signal of the selected identifier ID 
to the encrypting and authenticating portion 212A. In 
the encrypting and authenticating portion 21 2A, the reg- 
ister 501 is loaded with the signal of the selected identi- 
fier ID. The processor 500 transmits the signal of the 
selected identifier ID from the register 501 to the 
authenticating device 503. The authenticating device 
503 is controlled by the processor 500, storing the sig- 
nal of the selected identifier ID into unused one of sub 
areas Tempi, Temp2, - • • , and Temp in the register 
(the memory) 505. 

[0068] During the authentication start stage, the data 
processing apparatus 41 receives the signal of the 
selected identifier ID via the data bus 31. In the data 
processing apparatus 41, the signal of the selected 
identifier ID travels through the interface 411 and then 
reaches the decrypting and authenticating portion 41 5B 
via the I/O bus 412. tn the decrypting and authenticating 



portion 415B, the processor 500B receives the signal of 
the selected identifier ID. The processor 500 B outputs 
the signal of the selected identifier ID to the authenticat- 
ing device 503B. The authenticating device 503B is con- 
5 trolled by the processor 500B, storing the signal of the 
selected identifier ID into unused one of sub areas 
Tempi, Temp2, • - *, and Terrtpn in the register (the 
memory) 505B. 

[0069] The mediurrKfrive-device authentication stage 

io follows the authentication start stag a During the 
medhirn-drive-device authentication stage, the proces- 
sor 500B in the data processing apparatus 41 controls 
the random number generator 502B to produce a ran- 
dom number. The processor 500B transmits intonnation 

is of the produced random number from the random 

- —number. generator 502B to the autnerifcating-device — 
503B. The authenticating device 503B is controlled by 
the processor 500B, generating a signal of a challenge 
key (a random number key) "1" in response to the ran- 

20 dom number. The authenticating device 503B combines 
the signal of the selected identifier ID and the signal of 
the challenge key "1" into a first cornposrte signal. The 
first composite signal represents a set of the selected 
identifier ID and the challenge key "1". The processor 

25 500B transmits the first composite signal from the 
authenticating device 503B to the interface 411 via the 
I/O bus 412. The data processing apparatus 41 trans- 
mits the first composite signal to the medium drive 
device 21 via the data bus 31. 

30 [0070] During the medjurn-drive-device authentication 
stage, the authenticating device 503B in the data 
processing apparatus 41 is controlled by the processor 
500B, generating a signal of an intermediate key @) on 
the basis of the challenge key "1", according to a prede- 

35 termined algorithm. The authenticating device 503B 
has a memory storing information of the predetermined 
algorithm. The authenticating device 503B searches the 
register (the memory) 505B tor a target sub area which 
stores the signal of the selected identifier ID. Specrfi- 

40 cally, the authenticating device 503 B sequentially reads 
■ out signals of identifiers from the sub areas of the regis- - 
ter (the memory) 505B, and then decides whether or not 
the readout identifiers are equal to the selected identi- 
fier. The authenticating device 503B detects the target 

45 sub area by finding the readout identifier which equals 
the selected identifier. The authenticating device 503B 
accesses the target sub area of the register (the mem- 
ory) 505B which stores the si^al of the selected identi- 
fier ID. The authenticating device 503B writes the signal 

so of the challenge key "1 ". and the signal of the intermedi- 
ate key 0 into the accessed sub area (the target sub 
area) of the register (the memory) 505B. that is. The sub 
area of the register (the memory) 505B which stores the 
signal of the selected identifier ID. In this way, the signal 

55 of the challenge key "1" and the signal of the irrtermedi- 
ate key (D are stored into the register (the memory) 
505B while being made to have a relation with the signal 
of the selected identifier ID. 
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[0071] During the mediunKfriveKfevice authentication 
stage, the medium drive device 21 receives the first 
composite signal of the selected identifier ID and the 
challenge key "1" via the data bus 31. tn the medium 
drive device 21. the first composite signal travels 
through the interface 217 and then reaches the encrypt- 
ing and authenticating portion 21 2A. In the encrypting 
and authenticating portion 212A, the processor 500 
receives the first composite signal. The processor 500 
outputs the first composite signal to the authenticating 
device 503. The authenticating device 503 is controlled 
by the processor 500. extracting the signal of the chal- 
lenge key "1" from the first composite signal. In adrition. 
the authenticating device 503 extracts the signal of the 
selected identifier ID from the first composite signal. 
. The authenticating device 503 generates a^signal .of. an_ 
intermecSate key © on the basis of the challenge key 
"1" according to a predetermined algorithm which is 
equal to the intenriec5ate-key-^3)-generating algorithm 
used in the authenticating device 503B in the data 
processing apparatus 41. The authenticating device 
503 has a memory storing information of the predeter- 
mined algorithm. The authenticating device 503 
searches the register (the memory) 505 for a target sub 
area which stores the signal of the selected identifier ID. 
Specifically, the authenticating device 503 sequentially 
reads out signals of identifiers from the sub areas of the 
register (the memory) 505. and then decides whether or 
not the readout identifiers are equal to the selected 
identifier. The authenticating device 503 detects the tar- 
get sub area by finding the readout identifier which 
equals the selected identifier. The authenticating device 
503 accesses the target sub area of the register (the 
memory) 505 which stores the signal of the selected 
identifier ID. The authenticating device 503 writes the 
signal of the challenge key "1" and the signal of the 
imermediate key <2> into the accessed sub area (the tar- 
get sub area) of the register (the memory) 505. that is, 
the sub area of the register (the memory) 505 which 
stores the signal of the selected iderrffier ID. tn this way. 
the signal of the challenge key "1 " and the signal of the 
intermediate key @ are stored into the register (the 
memory) 505 while being made to have a relation with 
the signal of the selected identifier ID. 
[0072] During trtemediuin-drive-devro 
stage, the authenticating device 503 combines the sig- 
nal of the selected identffier ID and the signal of the 
intermecBate key 0 into a second cmi|XJbile signal. 
The second compo site signal represents a set of the 
selected identifier ID and the intermediate key ©. The 
processor 500 tr ansm its the second composite signal 
from the authenticating device 503 to the interface 217. 
The interface 217 is controlled by the controller 216, 
transmitting the second composite signal to the data 
processing apparatus 41 via the data bus 31. 
[0073] During the mediunKtrive-device authentication 
stage, the data processing apparatus 41 receives the 
second composite signal via the data bus 31. The sec- 



ond composite signal represents a set of the selected 
identifier ID and the intermediate key ©. In the data 
processing apparatus 41 , the second ccrrtposite signal 
travels through the interface 411 and then reaches the 
5 decrypting and authenticating portion 415B via the I/O 
bus 412. In the decrypting and authenticating portion 
415B. the processor 500B receives the second com- 
posite signal. The processor 500B feeds the second 
conTposrte signal to the authenticating device 503B. The 
10 authenticating device 503B is controlled by the proces- 
sor 500 B, extracting the signal of the intermediate key 
@ from the second composite signal. The authenticat- 
ing device 503B extracts the signal of the selected iden- 
tifier ID from the second composite signal. The 
is authenticating device 503B searches the register (the 

memory) 505B.for.a target sub area whrch.stores.ttie 

signal of the selected identifier ID. Specifically, the 
authenticating device 503B sequentially reads out sig- 
nals of identifiers from the sub areas of the register (the 
20 memory) 505B, and then decides whether or not the 
readout identifiers are equal to the selected identifier. 
The authenticating device 503B detects the target sub 
area by finding the readout identifier which equals the 
selected identifier. The authenticating device 503B 
25 accesses the target sub area of the register (the mem- 
ory) 505B which stores the signal of the selected identi- 
fier ID. The authenticating device 5038 reads out the 
signal of the intermediate key 0 from the accessed sub 
area (the target sub area) of the register (the memory) 
30 505B. The authenticating device 503B compares the 
intermediate key 0 and the imermediate key <2> to 
decide whether or not the two keys are equal to each 
other. When it is decided that the intermediate key CD 
and the intermediate key © are not equal to each other, 
35 the authenticating device 503B feeds the processor 
500B with a disconnection signal designed to inhftxt fur- 
ther ccmriurttcation between the data processing appa- 
ratus 41 and the medium drive device 21. Thus, the data 
processing apparatus 41 is disconnected from the 
40 medium drive device 21. When it is decided that the 
intermediate key 0 and the intermediate key ® are 
equal to each other, the data-processirxhapparatus 
authentication stage is commenced. Specifically, the 
authenticating device 503B informs the processor 500 B 
45 that the intermediate key 0 and the intermecfiate key 
@ are equal to each other. Then, the processor 500B 
informs the personal computer of the key equality. The 
persona) computer generates a signal of an authentica- 
tion requesting command in response to the key equal- 
50 rty information. The data processing apparatus 41 
transmits the signal of the authentication requesting 
command to the medium drive device 21 via the data 
bus 31. The signal of the authentication requesting 
command contains the signal of the selected identifier 
ID. 

[0074] During the dato-processing^apparatus authen- 
tication stage, the medum drive device 21 receives the 
signal of the authentication requesting command via the 
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data bus 31. In the medium drive device 21, the signal 
of the authentication requesting command travels 
through the interface 217 and then reaches thB control- 
ler 216. The controller 216 detects the type of the 
present command. In other words, the controller 216 
decides the present command to be an authentication 
requesting command. The controller 216 controls the 
encrypting and authenticating portion 212A in response 
to the authentication requesting command. The control- 
ler 216 extracts the signal of the selected identifier ID 
from the signal of the authentication requesting com- 
mand. The controller 216 informs the encrypting and 
authenticating portion 212A of the selected identifier ID. 
[0075] During the cata-c*c<^ssirxj-apparatus authen- 
tication stage, the processor 500 in the medium drive 
device 21 controls the random number generator 502 to. 
produce a random number. The processor 500 trans- 
mits information of the produced random number from 
the random number generator 502 to the authenticating 
device 503. The authenticating device 503 is controlled 
by the processor 500, generating a signal of a challenge 
key (a random number key) "2" in response to the ran- 
dom number. The processor 500 receives the signal of 
the selected identifier ID from the controller 216 via the 
register 501. The processor 500 feeds the signal of the 
selected identifier ID to the authenticating device 503. 
The authenticating device 503 combines the signal of 
the selected identifier ID and the signal of the challenge 
key "2" into a third composite signal. The third compos- 
ite signal represents a set of the selected identifier ID 
and the challenge key "2". The processor 500 feeds the 
third composite signal from the authenticating device 
503 to the interface 217. The interface 217 is controlled 
by the controller 216, transmitting the third composite 
signal to the data processing apparatus 41 via the data 
bus 31. 

[00/6 J During the oate-processing-apparatus authen- 
tication stage, the authenticating device 503 in the 
medium drive device 21 generates a signal of an inter- 
mediate key <3> on the basis of the challenge key "2" 
accenting to a predetermined algorithm. The authenti- 
cating device 503 has a memory storing information of 
the predetermined algorithm. The authenticating device 
503 searches the register (the memory) 505 for a target 
sub area which stores the signal of the selected identi- 
fier ID Specifically, the authenticating device 503 
sequentially reads out signals of identifiers from the sub 
areas of the register (the memory) 505, and then 
decides whether or not the readout identif iers are equal 
to the selected identifier. The authenticating device 503 
detects the target sub area by finding the readout iden- 
tifier which equals the selected identifier. The authenti- 
cating device 503 accesses the target sub area of the 
register (the memory) 505 which stores the signal of the 
selected identifier ID. The authenticating device 503 
writes the signal of the challenge key "2" and the signal 
of the intermec5ate key CD into the accessed sub area 
(the target sub area) of the register (the memory) 505. 



that is, the sub area of the register (the memory) 505 
which stores the signal of the selected identifier ID. In 
this way, the signal of the challenge key "2" and the sig- 
nal of the irrtermeaTate key <3> are stored into the regis- 

5 ter (the memory) 505 while being made to have a 
relation with the signal of the selected identifier ID. 
[00771 During the data-processing-apparatus authen- 
tication stage, the data processing apparatus 41 
receives the third corrposrte signal of the selected iden- 

w tifier ID and the challenge key "2" via the data bus 31 . 6n 
the data processing apparatus 41 , the third composite 
signal travels through the interface 411 and then 
reaches the decrypting and authenticating portion 41 5B 
via the I/O bus 41 2. In the decrypting and authenticating 

is portion 415B, the processor 500B receives the third 

composite signal. The processor .500 B . feeds the third 

composite signal to the authenticating device 503B. The 
authenticating device 503B is controlled by the proces- 
sor 500 B, extract ing the signal of the challenge key "2" 

20 from the third composite signal. In addition, the authen- 
ticating device 503B extracts the signal of the selected 
identifier ID from the third composite signal. The 
authenticating device 503B generates a signal of an 
intermediate key ® on the basis of the challenge key 

25 "2" according to a predetermined algorithm which is 
equal to the intermediate-key-® -generating algorithm 
used in the authenticating device 503 in the medium 
drive device 21. The authenticating device 503B has a 
memory storing information of the predetermined algo- 

30 rithm. The authenticating device 503B searches the 
register (the memory) 505B for a target sub area which 
stores the signal of the selected identifier ID. Specifi- 
cally, the authenticating device 503B sequentially reads 
out signals of identifiers from the sub areas of the regis- 

36 ter (the memory) 505B. and then decides whether or not 
the readout identifiers are equal to the selected identi- 
fier. The authenticating device 503B detects the target 
sub area by finding the readout identifier which equals 
the selected identifier. The authenticating device 503B 

40 accesses the target sub area of the register (the mem- 
ory) 505B which stores the signal of the selected identi- 
fier ID. The authenticating device 503B writes the signal 
of the challenge key "2" and the signal of the intermedi- 
ate key <& into the accessed sub area (the target sub 

45 area) of the register (the memory) 505B. that is, the sub 
area of the register (the memory) 505B which stores the 
signal of the selected identifier ID. In this way. the signal 
of the challenge key "2" and the signal of the intermerf- 
ate key @ are stored into the register (the memory) 

so 505B while being made to have a relation with the signal 
of the selected identifier ID. 

[0078] During the o^iyocessing^pparatus authen- 
tication stage, the authenticating device 503B in the 
data processing apparatus 41 combines the signal of 
55 the selected identifier ID and the signal of the intermedi- 
ate key @ into a fourth composite signal. The fourth 
composite signal represents a set of the selected iden- 
tifier ED and the intermediate key (3). The processor 
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5O0B transmits the fourth composite signal from the 
authenticating device 503B to the interface 41 1 via the 
I/O bus 412. The data processing apparatus 41 trans- 
mits the fourth composite signal to the medium drive 
device 21 via the data bus 31. 5 
[0079] During the o^-prccessing-apparatus authen- 
tication stage, the medium drive device 21 receives the 
fourth composite signal via the data bus 31. The fourth 
composite signal represents a set of the selected iden- 
tfier ID and the intermediate key (3>. fn The medium io 
drive device 21, the fourth composite signal travels 
through the interface 217 and then reaches the encrypt- 
ing and authenticating portion 212A. In the encrypting 
and authenticating portion 212A, the processor 500 
receives the fourth composite signal. The processor is 
500. feeds me.fourth. composite signal to the authenti- 
cating device 503. The authenticating device 503 is con- 
trol] ed by the processor 500, extracting a signal of the 
irrtermetfiate key (3> from the fourth composite signal. In 
addition, the authenticating device 503 extracts the sig- so 
nal of the selected identifier ID from the fourth compos- 
ite signal. The authenticating device 503 searches the 
register (the memory) 505 for a target sub area which 
stores the signal of the selected identifier ID. Specifi- 
cally, the authenticating device 503 sequentially reads zs 
out signals of identifiers from the sub areas of the regis- 
ter (the memory) 505, and then decides whether or not 
the readout identifiers are equal to the selected identi- 
fier. The authenticating device 503 detects the target 
sub area by finding the readout identifier which equals so 
the selected identifier. The authenticating device 503 
accesses the target sub area of the register (the mem- 
ory) 505 which stores the signal of the selected identi- 
fier ID. The authenticating device 503 reads out the 
signal of the intermediate key © from the accessed as 
sub area (the target sub area) of the register (the mem- 
ory) 505. The authenticating device 503 compares the 
intermediate Key ® and the intermediate key © to 
decide whether or not the two keys are equal to each 
other. When it is decided that the intermediatB key G) 40 
and the intermec5ate key ® are not equal to each other, 
the authenticating device 503 feeds the processor 500 
with a disconnection signal designed to inhibit further 
communication between the medium drive device 21 
and the data processing apparatus 41. Thus, the «s 
medium drive device 21 is dteconnected from the data 
processing apparatus 41. When ft is decided that the 
intermediate key @ and the irttermec5ate key <$) are 
equal to each other, the bus-key generation stage is 
commenced. Specifically, the authenticating device 503 so 
informs the processor 500 of the key equality. In addi- 
tion, the authenticating device 503 feeds the signal of 
the selected identifier ID to the processor 500. The 
processor 500 controls the encrypting device 504 in 
response to the key equality information and the 55 
selected identifier ID to generate a bus key. Also, the 
processor 500 outputs a signal (an equality-represent- 
ing signal) to the interface 217 which represents that the 



Intermediate key @ and the intermediate key ® are 
equal to each other. The interface 217 is controlled by 
the controller 216, transmitting the equality-represent- 
ing signal to the data processing apparatus 41 via The 
data bus 31. The persona) computer in the data 
processing apparatus 41 receives the equality-repre- 
senting signal via the interface 41 1 . The personal com- 
puter controls the decrypting and authenticating portion 
415B in response to the equality-representing signal to 
generate a bus key. 

[0080] During the bus-key generation stage, the proc- 
essor 500 in the medium drive device 21 feeds the sig- 
nal of the selected identifier ID to the encrypting device 

504. The encrypting device 504 is controlled by the 
processor 500, searching the register (the memory) 505 
for a target sub. area. which -stores the-signal oLthe 
selected identifier ID. Specifically, the encrypting device 

504 sequentially reads out signals of identifiers from the 
sub areas of the register (the memory) 505, and then 
decides whether or not the readout identifiers are equal 
to the selected identifier. The encrypting device 504 
detects the target sub area by finding the readout iden- 
tifier which equals the selected identifier. The encrypt- 
ing device 504 accesses the target sub area of the 
register (the memory) 505 which stores the signal of the 
selected identifier ID. The encrypting device 504 reads 
out the signal of the intermediate key ® and the signal 
of the intermediate key @ from the accessed sub area \ 
(the target sub area) of the register (the memory) 505. , 
The encrypting device 504 generates a signal of a bus 
key on the basis of the intermediate key <2> and the 4 
intermediate key ® according to a predetermined J 
algorithm. The encrypting device 504 has a memory 
storing information of the predetermined algorithm. The 
encrypting device 504 accesses the target sub area of 
the register (the memory) 505 which stores the signal of 
the selected identifier ID. The encrypting device 504 
writes the signal of the bus key into the accessed sub 
area (the target sub area) of the register (the memory) 

505, that is, the sub area of the register (the memory) 

505 which stores the signal of the selected identifier ID. 
In this way, the signal of the bus key is stored into the 
register (the memory) 505 while being made to have a 
relation with the signal of the selected identifier ID. 
[0081] During the bus-key generation stage, the per- 
sonal computer in the data processing apparatus 41 
feeds the signal of the selected identifier ID to the 
decrypting device 504B via the processor 500 B. The 
decrypting device 504B is controlled by the processor 
500B, searching the register (the memory) 505B for a 
target sub area which stores the signal of the selected 
identifier ID. Specifically, the decrypting device 504B 
sequentially reads out signals of identifiers from the sub 
areas of the register (the memory) 505B, and then 
decides whether or not the readout identif iers are equal 
to the selected identifier. The decrypting device 504B 
detects the target sub area by fincfng the readout iden- 
tifier which equals the selected identifier. The decrypt- 
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ing device 504B accesses the target sub area of the 
register (the memory) 505B which stores the signal of 
the selected tderttffier ID. The decrypting device 504B 
reads out the signal of the intermediate key (D and the ■ 
signal of the intermediate key ® from the accessed sub Sj 5 
area (the target sub area) of the register (the memory)^ 
505B. The decrypting device 504B generates a signal of i I 
a bus key on the basis of the intermediate key (J) andw 
the intermediate key ® according to a predetermined I 
algorithm which is equal to the bus-key-generating algo-f w 
rithm used in the encrypting device 504 in the medium 1 
drive device 21. The decrypting device 504B has a? 
memory storing information of the predetermined algo-jJ 
rithm. The decrypting device 504B accesses the target 
sub area of the register (the memory) 505B which 15 
stores the signal of the, selected identifier ID. The 
decrypting device 504B writes the signal of the bus key 
into the accessed sub area (the target sub area) of the 
register (the memory) S05B. that is, the sub area of the 
register (the memory) 505B which stores the signal of 20 
the selected identffier ID. tn this way, the signal of the 
bus key is stored into the register (the memory) 505B 
while being made to have a relation with the signal of 
the selected identifier ID. 

[0082] The data encryption transrrission stage follows ss 
the bus-key generation stage During the data encryp- 
tion transmission stage, the data processing apparatus 
41 transmits a signal of a data requesting command to 
the medium drive device 21 via the data bus 31. The 
signal of the date requesting command is generated by 30 
the personal computer. The signal of the data request- 
ing command contains the signal of the selected identi- 
fier ID. 

[0083] During the data encryption trartsmission stage, 
the medium drive device 21 receives the signal of the as 
data requesting command via the data bus 31. In the 
medium drive device 21 , the signal of the data request- 
ing command travels through the interface 21 7 and then 
reaches the controller 216. The controller 216 detects 
the type of the present command, tn other words, the 40 
controller 216 decides the present command to be a 
data requesting command. The controller 216 extracts 
the signal of the selected identifier ID from the signal of 
the data requesting command. The controller 216 feeds 
the signal of the selected identifier ID to the encrypting 4s 
and authenticating portion 212A. tn the encrypting and 
authenticating portion 212A, the controller 500 receives 
the signal of the selected identifier ID via the register 
501. The controller 500 feeds the signal of the selected 
identifier ID to the encrypting device 504. The encrypt- so 
ing device 504 is controlled by the processor 500, 
searching the register (the rnemory) 505 for a target sub 
area which stores the signal of the selected identifier ID. 
Specifically, the encrypting device 504 sequentially 
reads out signals of iderttfiers from the sub areas of the 
register (the memory) 505. and then decides whether or 
not the readout identifiers are equal to the selected 
identifier. The encrypting device 504 detects the target 



sub area by finding the readout identifier which equals 
the selected identifier. The encrypting device 504 
accesses the target sub area of the register (the mem- 
ory) 505 which stores the signal of the selected identi- 
fier ID. The encrypting device 504 reads out the signal 
of the bus key from the accessed sub area (the target 
sub area) of the register (the memory) 505. The control- 
ler 216 controls the reproducing unit 211 in response to 
the signal of the data requesting command so that the 
reproducing unit 211 reads out contents data from the 
digital storage medium 11 and outputs the contents 
data to the encrypting and authenticating portion 212A 
tn the encrypting and authenticating portion 21 2A, the 
processor 500 receives the contents data The proces- 
sor 500 feeds the contents data to the encrypting device 
504. The .encrypting device_504„fe. controHed^byJtjs.. 
processor 500, referring to the numerical-value table in 
the ROM 506 and thereby encrypting the contents data 
in accordance with the bus key. The encrypting device 
504 combines the signal of the selected identifier ID and 
the encryption-resultant data into final data. The proc- 
essor 500 transmits the final data from the encrypting 
device 504 to the interface 217. The interface 217 is 
controlled by the controller 216, transmitting the final 
data to the data processing apparatus 41 via the data 
bus 31. 

[0084] During the data encryption transmission stage, 
the data processing apparatus 41 receives the f inal data 
from the data bus 31. In the data processing apparatus 
41 , the final data travels through the interface 41 1 and 
then reaches the decrypting and authenticating portion 
415B viathe I/O bus 412. In trie decrypting and authen- 
ticating portion 415B, the processor 500B receives the 
final data. The processor 500B feeds the final data to 
the decrypting device 504 B. The decrypting device 
504B is controlled by the processor 500 B. extracting 
the signal of the selected identifier ID from the final data. 
The decrypting device 504B searches the register (the 
memory) 505B for a target sub area which stores the 
signal of the selected identifier ID. Specifically, the 
decrypting device 504B sequentially reads out signals 
of identifiers from the sub areas of the register (the 
memory) 505B, and then decides whether or not the 
readout identifiers are equal to the selected identifier. 
The decrypting device 504B detects the target sub area 
by finding the readout identifier which equals the 
selected iderrffier. The decrypting device 504B 
accesses the target sub area of the register (the mem- 
ory) 5056 which stores the signal of the selected identi- 
fier ID. The decrypting device 504B reads out the signal 
of the bus key from the accessed sub area (the target 
sub area) of the register (the memory) 505B. The 
decrypting device 504B separates the encryption- 
resuttant data from the final data. The decrypting device 
504B is controlled by the processor 500B, referring to 
the rajmericai-value table in the ROM 506B and thereby 
decrypting the erKryptjon-resuftarrt data into the original 
contents data in accordance with the bus key. The proc- 
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essor 500B transmits the contents data from the 
decrypting device 504B to the data separator 426. The 
data separator 426 divides the contents data into video 
data and audio data. The data separator 426 outputs 
the video data to the video decoder 427. The data sep- 5 
arator 426 outputs the audio data to the audio decoder 
428. The video decoder 427 decodes the video data 
into a video signal of a given form. The video decoder 

427 outputs the video signal to an external device (not 
shown). In addition, the video decoder 427 outputs the w 
video signal to the video card 424. The audio decoder 

428 decodes the audio data into an audio signal of a 
given form. The audio decoder 428 outputs the audio 
signal to an external device (not shown). 

[0085] Since different identifiers ID can be used as is 

_ p<evic<jsry- explained,. rjturaJpra 

having authentication, encryption, and decryption can 
be simultaneously implemented on a time snaring 
basis. In this case, multiple tasks can be simultaneously 
implemented acconfing to an OS (operating system) for 20 
the personal computer in the data processing apparatus 
41. Different bus keys are assigned to the muttiple tasks 
respectively. 

[0086] A data processing apparatus generates a ran- 
dom number key, and generates a first intermediate key 2s 
in response to the random number key. The data 
processing apparatus memorizes the first intermediate 
key in connection with an identifier. A combination of the 
identifier and the random number key is transmitted 
from the data processing apparatus to a reproducing 30 
device The reproducing device generates a second 
iritermediate key in response to the random number key. 
A combination of the identifier and the second interme- 
diate key is transmitted from the reproducing device to 
the data processing apparatus. The data processing 3s 
apparatus retrieves the first intermediate key in 
response to the identifier transmitted from the reproduc- 
ing device. The data processing apparatus decides 
whether or not the retrieved first intermediate key and 
the second intermediate key are equal to each other. « 
The data processing apparatus and the reproducing 
device are disconnected from each other when the data 
processing apparatus decides that the retrieved first 
intermediate key and the second intermediate key are 
not equal to each other. The data processing apparatus 45 
generates a first bus key in response to the first interme- 
diate key. The reproducing device generates a second 
bus key in response to the second irrtermedlate key. 
Encryption and decryption of digital u i fon ii dli on trans- 
mitted between the reproducing device and the data so 
processing apparatus are implemented in response to 
the first and second bus keys. 

Claims 

1. A method of processing information, comprising the 
steps of: 



1) enabBng a data processing apparatus to 
generate a random number key; 

2) enabling the data 'processing apparatus to 
generate a first intermediate key in response to 
the random number key; 

3) enabling the data processing apparatus to 
memorize the first intermediate key in connec- 
tion with an identifier; 

4) transmitting a cornbination of the identifier 
and the random number key from the data 
processing apparatus to a reproducing device; 

5) enabling the reproducing device to generate 
a second imermediate key in response to the 
random number key; 

6) transmitting a combination of the identifier 
— - and the second, intermediate- key- -from ...the— 

reproducing device to the data processing 
apparatus; 

7) enabling the data processing apparatus to 
retrieve the first intermediate key in response to 
the identifier transmitted from the reproducing 
device; 

8) enabling the data processing apparatus to 
decide whether or not the retrieved fast inter- 
mediate key and the second intermediate key 
are equal to each other; 

9) disconnecting the data processing appara- ■ 
tus and the reproducing device from each other 
when the data processing apparatus decides 
that the retrieved first intermediate key and the 
second intermediate key are not equal to each 
other; 

10) enabfing the data processing apparatus to 
generate a first bus key in response to the first 
intermediate key: 

1 1) enabling the data processing apparatus to 
memorize the first bus key in connection with 
the identifier; 

12) enabling the reproducing device to gener- 
ate a second bus key in response to the second 
intermediate key; 

13) enabling the reproducing device to memo- 
rize the second bus key in connection with the 
identifier; 

14) transmitting a combination of the identifier 
and an information requesting command from 
the data processing apparatus to the reproduc- 
ing device after the data processing apparatus 
decides that the retrieved first intermediate key 
and the second intermediate key are equal to 
each other; 

15) enabling the reproducing device to repro- 
duce digital infctrmation from a recording 
medium; 

16) enabling the reproducing device to retrieve 
the second bus key in response to the identifier 
transmitted from the data processing appara- 
tus; 
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17) enabCng the reproducing device to encrypt 
the reproduced digital information into 
encrypted digital information in accordance 
with the retrieved second bus key; 

18) transmitting a combination of the identifier s 
and the encrypted digital information from the 
reproducing device to the data processing 
apparatus in response to the information 
requesting command; 

19) enabling the data processing apparatus to w 
retrieve the first bus key in response to the 
identifier transmi tt ed from the reproducing 
device; and 

20) enabling the data processing apparatus to 
decrypt the encrypted data in accordance with is 

the retrieved first bus key. 

A method of processing information, comprising the 
steps of: 

20 

1) enabling a reproducing device to generate a 
random number key; 

2) enabling the reproducing device to generate 
a first irrtermediate key in response to the ran- 
dom number key; ss 

3) enabling the reproducing device to memo- 
rize the first intermediate key in connection with 
an identifier; 

4) transmitting a combination of the identifier 
and the random number key from the reproduc- 30 
ing device to a data processing apparatus; 

5) enabling the data processing apparatus to 
generate a second intermediate key in 
response to the random number key; 

6) transmitting a combination of the identifier 3s 
and the second intermediate key from the data 
processing apparatus to the reproducing 3. 
device; 

7) enabling the reproducing device to retrieve 
the first intermediate key in response to the 40 
identifier transmitted from the data processing 
apparatus; 

8) enabling the reproducing device to decide 
whether or not the retrieved first intermediate 
key and the second irrterrnecfiate key are equal *s 
to each other; 

9) decormecting the reproducing device and 
the data processing apparatus from each other 
when the reproducing device decides that the 
retrieved first intermediate key and the second so 
intermediate key are not equal to each other; 

10) enabling the reproducing device to gener- 
ate a first bus key in response to the first inter- 
mediate key; 

11) enabling the reproducing device to memo- » 
rize the first bus key in connection with the 
identifier; 

12) enabfing the data processing apparatus to 



generate a second bus key in response to the 
second intermediate key; 

13) enabling the data processing apparatus to 
memorize the second bus key in connection 
with the identifier; 

14) transmitting a combination of the identifier 
and an information requesting command from 
the data processing apparatus to the reproduc- 
ing device after the reproducing device decides 
that the retrieved first intermediate key and the 
second intermediate key are equal to each 
other; 

15) enabling the reproducing device to repro- 
duce digital information from a recording 
medium; 

— 16) enabling the reproducing device to retrieve . 
the f irst bus key in response to the identifier 
transmitted from the data processing appara- 
tus; 

17) enabling the reproducing device to encrypt 
the reproduced digital information into 
encrypted digital information in accordance 
with the retrieved first bus key; 

18) transmitting a combination of the identifier 
and the encrypted digital information from the 
reproducing device to the data processing 
apparatus in response to the information 
requesting corrtrnand; 

19) enabfing the data processing apparatus to 
retrieve the second bus key in response to the 
identifier transmitted from the reproducing 
device; and 

20) enabling the data processing apparatus to 
decrypt the encrypted data in accordance with 
the retrieved second bus key. 

A method of processing information, comprising the 
steps of: 

1) transmitting an identifier requesting com- 
mand from a data processing apparatus to a 
reproducing device; 

2) enabling the reproducing device to select 
one identifier from among predetermined iden- 
tifiers in response to the identifier requesting 
command; 

3) transmitting the selected identifier from the 
reproducing device to the data processing 
apparatus; 

4) enabling the data processing apparatus to 
generate a first random number key; 

5) enabling the data processing apparatus to 
generate a first intermediate key in response to 
the first random number key; 

6) enabling the data processing apparatus to 
memorize the first intermediate key in connec- 
tion with the selected identifier transmitted from 
the reproducing device; 
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7) transmitting a combination of the selected 
identif ier and the f irst random number key from 
the data processing apparatus to the reproduc- 
ing device; 

8) enabling the reproducing device to generate 
a second intermediate key in response to the 
first random number key; 

9) transmitting a corrttnafon of the selected 
identifier and the second intermediate key from 
the reproducing device to the data processing 
apparatus; 

10} enabling the data processing apparatus to 
retrieve the first intermediate key in response to 
the selected identifier transmitted from the 
reproducing device; 

.11) enabling the data processing .apparatus to 
decide whether or not the retrieved first inter- 
mediate key and the second intermediate key 
are equal to each other; 
12) disconnecting the data processing appara- 
tus and the reproducing device from each other 
when the data processing apparatus decides 
that the retrieved first intermeolate key and the 
second intermediate key are not equal to each 
other; 

13} enabling the reproducing device to gener- 
ate a second random number key after the data 
processing apparatus decides that the 
retrieved first intermeolate key and the second 
intermediate key are equal to each other; 

14) enabling the reproducing device to gener- 
ate a third intermeolate key in response to the 
second random number key; 

15) enabling the reproducing device to memo- 
rize the third intermediate key in connection 
with the selected identifier; 

16) transmitting a combination of the selected 
identifier and the second random number key 
from the reproducing device to the data 
processing apparatus; 

17) enabling the data processing apparatus to 
generate a fourth intermediate key in response 
to the second random number key; 

18) transmitting a combination of the selected 
identifier and the fourth intermediate key from 
the data processing apparatus to the reproduc- 
ing device; 

19) enabling the reproducing device to retrieve 
the third intermeolate key in response to the 
selected identifier transmitted from the data 
processing apparatus; 

20) enabling the reproducing device to decide 
whether or not the retrieved third intermediate 
key and the fourth intermeotatB key are equal 
to each other; 

21) disconnecting the reproducing device and 
the data processing apparatus from each other 
when the reproducing device decides that the 



retrieved third intermediate key and the fourth 
intermediate key are not equal to each other; 

22) enabling the reproducing device to gener- 
ate a first bus key in response to the second 

s and third intermediate keys; 

23) enabling the reproducing device to memo- 
rize the first bus key in connection with the 
selected identifier", 

24) enabling the data processing apparatus to 
10 generate a second bus key in response to the 

first and fourth intermediate keys; 

25) enabling the data processing apparatus to 
memorize the second bus key in connection 
with the identifier; 

is 26) transmitting a combination of the selected 

identifier and . an irrtormation requesting corrb. 

mand from the data processing apparatus to 
the reproducing device after the reproducing 
device decides that the retrieved third interme- 
20 diate key and the fourth intermediate key are 

equal to each other; 

27) enabling the reproducing device to repro- 
duce digital information from a recording 
medium; 

25 28) enabling the reproducing device to retrieve 

the first bus key in response to the selected 
identifier transmitted from the data processing 
apparatus; 

29) enabling the reproducing device to encrypt 
30 the reproduced digital information into 

encrypted digital information in accordance 
with the retrieved first bus key; 

30) transmitting a combination of the identifier 
and the encrypted digital information from the 

$s reproducing device to the data processing 

apparatus in response to the information 
requesting command; 

31) enabling the data processing apparatus to 
retrieve the second bus key in response to the 

40 identifier transmitted from the reproducing 

device; and 

32) enabling the data processing apparatus to 
decrypt the encrypted data in accordance wHh 
the retrieved second bus key. 

45 

4. A system tor processing information, comprising: 

a reproducing device; 
a data processing apparatus; 
so first means provided in the data processing 

apparatus for generating a random number 
key; 

second means provided in the data processing 
apparatus for generating a first intermediate 
55 key in response to the random number key. 

third means provided in the data processing 
apparatus for memorizing the first intermediate 
key in connection with an identifier; 
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fourth means for transmitting a combination of 
the identifier and the random number key from 
the data processing apparatus to the reproduc- 
ing device; 

fifth means provided in the reproducing device s 
for generate a second intermediate key in 
response to the random number key; 
sixth means for transmitting a combination of 
the identifier and the second irrtermetfiate key 
from the reproducing device to the data 10 
processing apparatus; 

seventh means provided in the data processing 5. 
apparatus for retrieving the first intermediate 
key in response to the identifier transmitted 
from the reproducing device; is 
- ..eighth means provided in the data processing .. 
apparatus for deciding whether or not the 
retrieved first intermediate key and the second 
intermediate key are equal to each other; 
ninth means for disconnecting the data so 
processing apparatus and the reproducing 
device from each other when the eighth means 
decides that the retrieved first intermediate key 
and the second intermediate key are not equal 
to each other; 2s 
tenth means provided in the data processing 
apparatus for generating a first bus key in 
response to the first intermediate key; 
eleventh means provided in the data process- 
ing apparatus for memorizing the first bus key 30 
in connection with the identifier; 
twelfth means provided in the reproducing 
device for generating a second bus key in 
response to the second intermediate key; 
thirteenth means provided in the reproducing as 
device for memorizing the second bus key in 
connection with the identifier; 
fourteenth means for transmitting a combina- 
tion of the identifier and an information request- 
ing command from the data processing 40 
apparatus to the reproducing device after the 
eighth means decides that the retrieved first 
intermediate key and the second intermediate 
key are equal to each other; 
fifteenth means provided in the reproducing 45 
device for reproducing digital information from 
arecorcfing medium; 

sixteenth means provided in the reproducing 
device for retrieving the second bus key in 
response to the identifier transmitted from the so 
data processing apparatus; 
seventeenth means provided in the reproduc- 
ing device for encrypting the reproduced cfigital 
information into encrypted digital information in 
accordance with the retrieved second bus key; 55 
eighteenth means for transmitting a combina- 
tion of the identifier and the encrypted Digital 
information from the reproducing device to the 



data processing apparatus in response to the 
information requesting command; 
nineteenth means provided in the data 
processing apparatus tor retrieving the first bus 
key in response to the identifier transmitted 
from the reproducing device; and 
twentieth means provided in the data process- 
ing apparatus for decrypting the encrypted 
data in accordance with the retrieved first bus 
key. 

A system for processing information, comprising: 

a reproducing device; 
a data processing apparatus; 
- - first means provided in the reproducing, device . 
for generating a random number key; 
second means provided in the reproducing 
device for generating a first intermediate key in 
response to the random number key; 
third means provided in the reproducing device 
for memorizing the first intermediate key in 
connection with an identifier; 
fourth means for transmitting a combination of 
the identifier and the random number key from 
the reproducing device to a data processing 
apparatus; 

fifth means provided in the data processing 
apparatus for generating a second intermedi- 
ate key in response to the random number key; 
sixth means for transmitting a combination of 
the identifier and the second interned ate key 
from the data processing apparatus to the 
reproducing device; 

seventh means provided in the reproducing 
device for retrieving the first intermediate key in 
response to the identifier transmitted from the 
data processing apparatus; 
eighth means provided in the reproducing 
device for deciding whether or not the retrieved 
first intermediate key and the second interme- 
diate key are equal to each other; 
ninth means for disconnecting the reproducing 
device and the data processing apparatus from 
each other when the eighth means decides that 
the retrieved first intermediate key and the sec- 
ond intermediate key are not equal to each 
other; 

tenth means provided in the reproducing 
device for generating a first bus key in 
response to the first intermediate key; 
eleventh means provided in the reproducing 
device tor memorizing the first bus key in con- 
nection with the identifier; 
twelfth means provided in the data processing 
apparatus for generating a second bus key in 
response to the second intermecfiate key; 
thirteenth means provided in the data process- 
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trig apparatus for memorizing the second bus 
key in connection with the identifier; 
fourteenth means for transmitting a combina- 
tion of the identifier and an information request- 
ing command from the data processing s 
apparatus to the reproducing device after the 
eighth means decides that the retrieved first 
intermediate key and the second intermediate 
key are equaJ to each other; 
fifteenth means provided in the reproducing 10 
device for reproducing digital information from 
a recording medium; 

sixteenth means provided in the reproducing 
device for retrieving the first bus key in 
response to the identifier transmitted from the 15 

-data processing apparatus;- — . — . 

seventeenth means provided in the reproduc- 
ing device for encrypting the reproduced digital 
in formation into encrypted cfigfta! information in 
accordance with the retrieved f irst bus key; 20 
eighteenth means for transmitting a combina- 
tion of the identifier and the encrypted digital 
information from the reproducing device to the 
data processing apparatus in response to the 
information requesting command; 2s 
nineteenth means provided in the data 
processing apparatus for retrieving the second 
bus key in response to the identifier transmitted 
from the reproducing device; and 
twentieth means provided in the data process- so 
ing apparatus for decrypting the encrypted 
data in accordance with the retrieved second 
bus key. 

A system tor processing information, comprising: 35 

a reproducing device; 
a data processing apparatus; 
first means for transmitting an identifier 
requesting command from the data processing 40 
apparatus to the reproducing device; 
second means provided in the reproducing 
device for selecting one identifier from among 
predetermined identifiers in response to the 
identifier requesting command; 45 
third means for transmitting the selected identi- 
fier from the reproducing device to the data 
processing apparatus; 

fourth means provided in the data processing 
apparatus to generate a first random number so 
key; 

fifth means provided in the data processing 
apparatus for generating a first intermediate 
key in response to the first random number key; 
sixth means provided in the data processing ss 
apparatus for memorizing the first intermediate 
key in connection with the selected identifier 
transmitted from the reproducing device; 



seventh means for transmitting a combination 
of the selected identifier and the first random 
number key from the data processing appara- 
tus to the reproducing device; 
eighth means provided in the reproducing 
device for generating a second intermediate 
key in response to the first random number key; 
ninth means for transmitting a combination of 
the selected identifier and the second interme- 
diate key from the reproducing device to the 
data processing apparatus; 
tenth means provided in the data processing 
apparatus for retrieving the first intermediate 
key in response to the selected identifier trans- 
mitted from the reproducing device; 
eleventh means.provideri-m.the.data process- 
ing apparatus for deciding whether or not the 
retrieved first intermediate key and the second 
intermediate key are equal to each other; 
twetfth means for c^scortnecfjng the data 
processing apparatus and the reproducing 
device from each other when the eleventh 
means decides that the retrieved first interme- 
diate key and the second intermediate key are 
not equal to each other; 
thirteenth means provided in the reprocfucing 
device for generating a second random number 
key after the eleventh means decides that the 
retrieved first intermediate key and the second 
intermediate key are equal to each other; 
fourteenth means provided in the reproducing 
device for generating a third intermediate key in 
response to the second random number key; 
fifteenth means provided in the reproducing 
device for memorizing the third intermediate 
key in connection with the selected identifier; 
sixteenth means for transmitting a cornbinabon 
of the selected identifier and the second ran- 
dom number key from the reproducing device 
to the data processing apparatus; 
seventeenth means provided in the data 
processing apparatus for generating a fourth 
intermediate key in response to the second 
random number key; 

eighteenth means for transmitting a combina- 
tion of the selected identifier and the fourth 
intermediate key from the data processing 
apparatus to the reproducing device; 
nineteenth means provided in the reproducing 
device tor retrieving the third intermediate key 
in response to the selected identifier transmit- 
ted from the data processing apparatus; 
twentieth means provided in the reproducing 
device for deciding whether or not the retrieved 
third intermediate key and the fourth intermecfi- 
ate key are equal to each other; 
twenty-first means for disconnecting the repro- 
ducing device and the data processing appara- 
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tus from each other when the twentieth means 
decides that the retrieved third intermediate 
key and the fourth intermediate key are not 
equal to each other; 

twenty-second means provided in the repro- s 
ducing device for generating a first bus key in 
response to the second and third intermediate 
keys; 

twenty-third means provided in the reproducing 
device for memorizing the first bus key in con- w 
nection with the selected identifier; 
twenty-fourth means provided in the data 
processing apparatus for generating a second 
bus key in response to the first and fourth inter- 
mediate keys; 15 

twenty^jfth. -rrieans provided -in. -the—data 

processing apparatus for memorizing the sec- 
ond bus key in connection with the identifier; 
twenty-sixth means for trartsmrtting a combina- 
tion of the selected identifier and an information 20 
requesting command from the data processing 
apparatus to the reproducing device after the 
twentieth means decides that the retrieved third 
intermediate key and the fourth intermediate 
key are equal to each other; ss 
twenty-seventh means provided in the repro- 
ducing device for reproducing digital informa- 
tion from a recording medium; 
twenty-eighth means provided in the reproduc- 
ing device for retrieving the first bus key in 30 
response to the selected rientrfier transmitted 
from the data processing apparatus; 
twenty-ninth means provided in the reproduc- 
ing device for encrypting the reproduced rfgital 
information into encrypted digital information in 35 
accordance with the retrieved first bus key; 
thirtieth means for transmitting a combination 
of the identifier and the encrypted digital infor- 
mation from the reproducing device to the data 
processing apparatus in response to the inter- 40 
mation requesting command; 
thirty-first means provided in the data process- 
ing apparatus for retrieving the second bus key 
in response to the identifier transmitted from 
the reproducing device; and 45 
thirty-second means provided in the data 
processing apparatus for decrypting the 
encrypted data in accordance with the 
retrieved second bus key. 
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